uploads.jovemnerd.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://uploads.jovemnerd.com.br/
Submission: On November 02 via api (November 2nd 2023, 2:27:03 am UTC) from US — Scanned from DE

Summary HTTP 731 Redirects Links 95 Behaviour Indicators

Summary

This website contacted 67 IPs in 11 countries across 60 domains to perform 731 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is uploads.jovemnerd.com.br.

This is the only time uploads.jovemnerd.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
9	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
130	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2644:5000:10:4d98:7a80:93a1	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	52.95.164.120 52.95.164.120	16509 (AMAZON-02) (AMAZON-02)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
83	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
84	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a02:26f0:480... 2a02:26f0:480:22::1726:62d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
11 90	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 9	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
6 6	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
10 10	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.51.19.88 52.51.19.88	16509 (AMAZON-02) (AMAZON-02)
20	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
7 7	18.196.149.165 18.196.149.165	16509 (AMAZON-02) (AMAZON-02)
4 4	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	35.214.204.76 35.214.204.76	15169 (GOOGLE) (GOOGLE)
4 4	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
10 10	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
3	2600:9000:211... 2600:9000:211e:8200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 3	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.102 142.250.185.102	() ()
1 5	2606:4700::68... 2606:4700::6812:18ad	() ()
3 3	2a05:d018:d29... 2a05:d018:d29:3605:b2f6:43fb:c655:2341	() ()
3 3	216.52.2.30 216.52.2.30	() ()
19	138.201.220.30 138.201.220.30	() ()
3	185.89.210.101 185.89.210.101	() ()
1 4	138.201.64.38 138.201.64.38	() ()
1 2	144.76.91.199 144.76.91.199	() ()
1 2	138.201.63.165 138.201.63.165	() ()
1 2	138.201.84.244 138.201.84.244	() ()
1 4	116.202.48.214 116.202.48.214	() ()
9	141.101.90.96 141.101.90.96	() ()
5	2a00:1450:400... 2a00:1450:4001:806::200a	() ()
3	138.201.63.164 138.201.63.164	() ()
3	138.201.135.164 138.201.135.164	() ()
13 19	145.239.193.130 145.239.193.130	() ()
13	88.198.250.30 88.198.250.30	() ()
6	2a0b:4d07:101::1 2a0b:4d07:101::1	() ()
3	13.42.240.154 13.42.240.154	() ()
4 8	142.250.186.134 142.250.186.134	() ()
3 3	94.23.99.218 94.23.99.218	() ()
1	98.98.134.241 98.98.134.241	() ()
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	() ()
1	49.12.22.42 49.12.22.42	() ()
1	23.212.218.19 23.212.218.19	() ()
1	3.124.138.165 3.124.138.165	() ()
2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
1	35.157.81.215 35.157.81.215	() ()
3	108.138.36.15 108.138.36.15	() ()
3	108.138.36.21 108.138.36.21	() ()
731	67

61 179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)

uploads.jovemnerd.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

130 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:5000:10:4d98:7a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

jovemnerd.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.164.120 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:22::1726:62d3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 142.250.184.194 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.153 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.32.185.35 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.204.158.49 (Groningen, Netherlands) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.193.173 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 198.47.127.19 (United States) 10 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.51.19.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-19-88.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.0.66 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.196.149.165 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-149-165.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.204.76 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 76.204.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.183 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.6.237 (Denmark) 10 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:8200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:18ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:b2f6:43fb:c655:2341 (None, ) 3 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (None, ) 3 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 138.201.220.30 (None, )

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (None, )

ASN- ()

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (None, ) 1 redirects

ASN- ()

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.91.199 (None, ) 1 redirects

ASN- ()

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.165 (None, ) 1 redirects

ASN- ()

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.84.244 (None, ) 1 redirects

ASN- ()

hal900026.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (None, ) 1 redirects

ASN- ()

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.101.90.96 (None, )

ASN- ()

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.164 (None, )

ASN- ()

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.135.164 (None, )

ASN- ()

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 145.239.193.130 (None, ) 13 redirects

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 88.198.250.30 (None, )

ASN- ()

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0b:4d07:101::1 (None, )

ASN- ()

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.42.240.154 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.134 (None, ) 4 redirects

ASN- ()

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.23.99.218 (None, ) 3 redirects

ASN- ()

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (None, ) 1 redirects

ASN- ()

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (None, )

ASN- ()

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.138.165 (None, )

ASN- ()

t23.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.81.215 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.36.15 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.36.21 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
228	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com	2 MB
153	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 ad.doubleclick.net 5994599.fls.doubleclick.net	599 KB
84	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	3 MB
62	jovemnerd.com.br uploads.jovemnerd.com.br jovemnerd.com.br	2 MB
39	redintelligence.net 5 redirects hal9000.redintelligence.net hal900011.redintelligence.net hal900018.redintelligence.net hal90005.redintelligence.net hal900026.redintelligence.net hal900013.redintelligence.net hal90006.redintelligence.net hal900015.redintelligence.net	227 KB
24	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com	2 KB
22	medialead.de 16 redirects pv.medialead.de medialead.de	15 KB
18	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	1 MB
13	media01.eu pb.media01.eu	3 KB
13	adnxs.com 8 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1682 ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495 ams3-ib.adnxs.com	37 KB
10	adform.net 10 redirects c1.adform.net — Cisco Umbrella Rank: 599	7 KB
10	pubmatic.com 10 redirects image6.pubmatic.com — Cisco Umbrella Rank: 823	5 KB
10	openx.net us-u.openx.net — Cisco Umbrella Rank: 522 rtb.openx.net — Cisco Umbrella Rank: 695	1 KB
9	o2online.de portal.o2online.de	5 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	591 KB
8	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	5 KB
7	w55c.net 7 redirects pm.w55c.net — Cisco Umbrella Rank: 912	6 KB
6	office-partner.de adv.office-partner.de	5 KB
6	travelaudience.com 6 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	2 KB
6	simpli.fi 6 redirects um.simpli.fi — Cisco Umbrella Rank: 795	4 KB
6	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	1 KB
5	googleapis.com fonts.googleapis.com	4 KB
5	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
5	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	2 KB
5	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733 ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	459 B
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	593 B
4	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	2 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	1 KB
4	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	2 KB
4	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 1824	701 B
4	ctnsnet.com 4 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	2 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com	2 KB
3	webgains.team cdn.track.production.webgains.team	7 KB
3	webgains.io analytics.webgains.io
3	webgains.com track.webgains.com	6 KB
3	lijit.com 3 redirects ap.lijit.com	2 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	1 KB
3	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	713 B
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 940	1 KB
3	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	595 B
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	1 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 66	24 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	dotomi.com dclk-match.dotomi.com	207 B
2	retailads.net 1 redirects cdn.retailads.net	6 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	w.org s.w.org — Cisco Umbrella Rank: 2772	2 KB
1	bidswitch.net x.bidswitch.net	146 B
1	intelliad.de t23.intelliad.de	553 B
1	awin1.com www.awin1.com	704 B
1	futalis.de futalis.de	401 B
1	sitescout.com pixel-sync.sitescout.com	187 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	576 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 376	459 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	36 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	609 B
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
731	60

	Domain	Requested by
126	pagead2.googlesyndication.com	uploads.jovemnerd.com.br pagead2.googlesyndication.com tpc.googlesyndication.com 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
90	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
84	s0.2mdn.net	uploads.jovemnerd.com.br s0.2mdn.net 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
83	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com uploads.jovemnerd.com.br googleads.g.doubleclick.net s0.2mdn.net
61	uploads.jovemnerd.com.br	uploads.jovemnerd.com.br
27	googleads.g.doubleclick.net	pagead2.googlesyndication.com 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
20	googleads4.g.doubleclick.net	uploads.jovemnerd.com.br
19	pv.medialead.de	13 redirects hal900018.redintelligence.net hal900026.redintelligence.net hal90005.redintelligence.net 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
19	hal9000.redintelligence.net	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com hal900013.redintelligence.net hal90006.redintelligence.net hal900015.redintelligence.net hal900011.redintelligence.net
19	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
18	www.googletagservices.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
18	www.google.com	uploads.jovemnerd.com.br tpc.googlesyndication.com 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
13	pb.media01.eu	hal900018.redintelligence.net 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com hal900026.redintelligence.net hal90005.redintelligence.net hal900013.redintelligence.net hal90006.redintelligence.net hal900011.redintelligence.net
10	c1.adform.net	10 redirects
10	image6.pubmatic.com	10 redirects
9	portal.o2online.de	s0.2mdn.net
9	www.googletagmanager.com	uploads.jovemnerd.com.br www.googletagmanager.com adv.office-partner.de
8	5994599.fls.doubleclick.net	4 redirects uploads.jovemnerd.com.br
8	rtb.openx.net	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
7	pm.w55c.net	7 redirects
6	adv.office-partner.de	hal900018.redintelligence.net hal900026.redintelligence.net hal90005.redintelligence.net hal900013.redintelligence.net hal90006.redintelligence.net hal900011.redintelligence.net
6	ads.travelaudience.com	6 redirects
6	secure.adnxs.com	6 redirects
6	um.simpli.fi	6 redirects
6	sync.teads.tv	2 redirects googleads.g.doubleclick.net 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
5	fonts.googleapis.com	s0.2mdn.net hal900013.redintelligence.net hal90006.redintelligence.net hal900015.redintelligence.net hal900011.redintelligence.net
5	dis.criteo.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
4	adservice.google.com	5994599.fls.doubleclick.net
4	hal900013.redintelligence.net	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com hal900013.redintelligence.net
4	hal900011.redintelligence.net	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com hal900011.redintelligence.net
4	a.tribalfusion.com	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
4	match.adsrvr.org	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
4	onetag-sys.com	3 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
4	d5p.de17a.com	4 redirects
4	eb2.3lift.com	4 redirects
4	tr.blismedia.com	2 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
4	ssum-sec.casalemedia.com	4 redirects
4	gcm.ctnsnet.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	uploads.jovemnerd.com.br securepubads.g.doubleclick.net 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
3	cdn.track.production.webgains.team	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com track.webgains.com
3	analytics.webgains.io	track.webgains.com
3	medialead.de	3 redirects
3	track.webgains.com	uploads.jovemnerd.com.br
3	hal900015.redintelligence.net	hal9000.redintelligence.net hal900015.redintelligence.net
3	hal90006.redintelligence.net	hal9000.redintelligence.net hal90006.redintelligence.net
3	ams3-ib.adnxs.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com cdn.adnxs.com
3	ap.lijit.com	3 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	cms.quantserve.com	2 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
3	s.ad.smaato.net	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
3	csync.loopme.me	3 redirects
3	ssbsync.smartadserver.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
3	match.360yield.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
3	sync-tm.everesttech.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.bing.com	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com uploads.jovemnerd.com.br
2	dclk-match.dotomi.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
2	cdn.retailads.net	1 redirects futalis.de
2	hal900026.redintelligence.net	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
2	hal90005.redintelligence.net	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
2	hal900018.redintelligence.net	1 redirects 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
2	ad.doubleclick.net	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
2	r.turn.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	sync.1rx.io	2 redirects
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.de	uploads.jovemnerd.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.w.org	uploads.jovemnerd.com.br
1	x.bidswitch.net	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	t23.intelliad.de	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	www.awin1.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	futalis.de	hal900015.redintelligence.net
1	pixel-sync.sitescout.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	s.tribalfusion.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	adsdk.microsoft.com	6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s3-sa-east-1.amazonaws.com	uploads.jovemnerd.com.br
1	jovemnerd.com.br	uploads.jovemnerd.com.br
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
731	88

This site contains links to these domains. Also see Links.

Domain
desenkaixa.com.br
jovemnerd.com.br
www.magazineluiza.com.br
www.facebook.com
twitter.com
api.whatsapp.com
facebook.com
www.instagram.com
www.youtube.com
bit.ly
docs.google.com
luizalabs.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jovemnerd.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.s3-sa-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-06`	9 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
portal.o2online.de E1	`2023-10-01` - `2023-12-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.intelliad.de Thawte TLS RSA CA G1	`2023-07-31` - `2024-08-30`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 118 frames:

Primary Page: http://uploads.jovemnerd.com.br/
Frame ID: 9011CD4614EB6E56D86B420CD4270D3B
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Frame ID: BF6755B64BFCEB73B7715B40FFA5F301
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8736974496737360&output=html&adk=1812271804&adf=3025194257&lmt=1698888417&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698892017655&bpp=3&bdt=214&idt=175&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5146471950288&frm=20&pv=2&ga_vid=898812799.1698892018&ga_sid=1698892018&ga_hid=1560177745&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078020%2C31079190%2C31079406%2C42532334%2C44805934%2C44807048%2C44807463%2C31078297&oid=2&pvsid=4027763832637265&tmod=2050395450&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 3EE11636E2B5485747A5B2E7B2059D18
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5425B50FA13841223631864A24E062AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B92A464E587C575A2BDB86CC7892A7DF
Requests: 2 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 86A48EC7EE6F6A12E0AC9E0DB3D555A7
Requests: 1 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97988D1C516D858C074ACE3C22B550F0
Requests: 19 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24516AD919D7BACD55A6F317FFE134D5
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F16A96768BF90686CFAF946AC0FE558
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 788F4CDB98558FD1D0641099D3BAAAAA
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2EC65FD3A4EAAE6585806735B70E83B1
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A40782428D396B091286BEC054FCE80B
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B91BA384FD23AE683FD587CD853162EC
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5410D6DABA3DFFAFF402CCBBC619F49C
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6150DE5CE46F7CFAA164CE2DD115A839
Requests: 15 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8621D19A02A1085B41212D4C33A4AE24
Requests: 13 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DB6A0DFADA4E3956B1DA2E5F582F91A7
Requests: 19 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A60D1F48EA5C2CCD79B75C7377B3157
Requests: 20 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 397E20CA89831B0F70B80BC9DCDF5C84
Requests: 16 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5FBB5B3264B90FF8FD83FDE9A46970C
Requests: 16 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E02D5CE8BA55308AA503B807BB9DB732
Requests: 15 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A20D22F653DE2A99C8E14E26A33417D
Requests: 19 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E2C505317531189101BE83A26EE95C4
Requests: 17 HTTP requests in this frame

Frame: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 699C90CB04E2399B2F0196392B2F55AB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGMH_gvwBMAE&v=APEucNX2C_qG6olXH3TN0ZxSdfgpi1oZnmxLrHN0f4VMjwv5ybFyMrwN6vzdPQ-V93OosjVZeUVzupPaegTONBff95XGhQeYKFBbt4T5c_kjfS4OOwSBhM-TV8IjnZVMXkNZddbK9GPPreSMM_DjjjQtsvnSJCPgTz9dTiKJqZfHWPBmU_1kSWQ
Frame ID: 599722F90CA9E9EA94C3A6C0CE0E4808
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUX_wc_ZkQk6bhv5fB40Hh8ApmILlhN8DjAxvAbPGabZVrywGf0853imZdbjczDDcyD9gZi6xUv8obqlA1jf1r8TVaS057CWS06W4jPXRNmS2RZ0-pWMxQgYkbjAO6OxWpeK7Bd21vCDG63dWyrsw1tjXDW01n17jTK4HcF_D86c5_QpGA
Frame ID: C586288335CC9661763A295A38CE441F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 868DEF7CA84AD318D7AE3C521E278FC1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUmKsYaKNKrd58d60kZ-gVmn4sc_tECs1yXbYEhwJ6Zivswqld4CnLMOytTVSBDXjSnRkSID0D1kVilE-UNMJoMu4h81JU59RZX1RSIyPoM_TBWKuHWIF5aH-iVyxwuHxOpDNLqccy9bIvFij2QYLmoyQgKjO93sJhCCFYe6Rwh7hPXbHk
Frame ID: 15A0C4091B2DDCA3B006C69A60AD7953
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88B9389FD3524FB749FCFF6CB1997CC0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNWFhrg1yttX55UkNz3JlSGEaH7DrWZ5zVLlK-mS3xcvA1qUe1VdKWvmpyu8IwvjBPL7RuQ5gtcIiIya1Yyh-J7Jy1yy_qHsLKr5QCJhSueS5JURCBmuERTlsub5j5V1dW82b2QLdzLGWJ1fK67P5BfkwevepcjwRUtQWI9tY15gIiNbSV8
Frame ID: 1E8402D68FF5F54C15EE96DFE24051AE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74DDA38F8EDE975A581275A98463C7F0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUkWX_hQQA23O3kf09HipR_Ma84x3YRsUngPeidJ4C10iocpR4LfZJg8DUcz-4_5wxtNZ-UtQUSzjsw6jQAdgrPFCdU7b6_AHxTyLX6WEIlC59uS_kXL7oFC5XRnykWaDysN-f8swVKZnazPEA0gZB5IoFvcFl6OY8-YiquV9HzXqiDIV8
Frame ID: 58C672AEC6F537175BDAAAE6C434008B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFF624AE2909CE99C8E1966627EFF481
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi3y7P8ATAB&v=APEucNXTQP9WQxFS847OQRKYfeSREpZyLsFQCCGFUlxYL73V4NoxRSF7GxS9KGctp8n8al2jPukethxe32o58IvfUDVZOqjhuezYITELJH1jA9qPiU7Fmy5aKoimCh0jEHpmsVSPaCncWkXewjMuF4zgyLMdlhaaHPWVrDuCxGRgy4i3eYG0lyg
Frame ID: DD4F4C64BCE113D46D03A9F69AA0E34C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0070B03559617E60FD2B5C3FD09A338
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi3y7P8ATAB&v=APEucNXdnppcDQFrUivC2RUw4tQxPzdioI94XLKjS6SFkr2Tvnvyjel42thp9h09WVLQACgoCU518PpdTc_3VejD7koOYTpnbBTizstLs-RGl0bzxVNfcTwtHesBcfKgbB_bqODLOy8YE2XkkjVBH5Z61uyLesQJb7rgw9dgspaXvpRUc2e8V94
Frame ID: D0490E09123162FB4F601DF4606F5F90
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE9B032ACF1F560111A20B8766986FA2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZzrP8ATAB&v=APEucNVl7lFZMIN-suNKqpE4-LIARwdc5j74kvaIOwsTdEvccBr9dmGevq8NVi4cmjb51WHfcW722IEPP2jrIy-rkmvItCj0tpaGHmFi-veQYBla6YKk9srWFmCzI0XDE--nsTxtwZzVTruuodlgJ1aBN4DrdKvPSgFdMB7cM1Pv-c8GgeX12yA
Frame ID: D94A8DC54BCE251FE55F8B73114D05DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D64DD412F4880F7957124F57B2AF267
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZzrP8ATAB&v=APEucNUS1CC7TIW_74twobY8bVm5lBNaozvk10Hhc-SSKZ_k34HF2mQqdmZu6uo5KrzWqE3va9PqX9hMox7BDLpG_fY-RdDdET75DhJt30h4tJ6qAofD1eWWLK2ndx6PHYvyrFQlYQ0nrn_kZr5-hXJnp64sMaOLzLyNFlTiIZM5dSETF58r9wk
Frame ID: 596F7D095CCFE47B69B5296B6D98C6A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24B0E225A54CA685DC1DFFD0FA659253
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVosU-G1dWrHR56UZZyC16Iw57ufnULNBCc_Sf-SCx_DrzxKBHwNWmhvbedqRXK95InueYhDW9svHHhg2b81DvdyUxZjhuz376fLty76bvvkcho804zeGhMl02F4VkudCYSgCYrJs1QbrNRPi04KrtWmYZEt60PloCyqjitg3u6FWxVxQU
Frame ID: 90D97579219F6DF96D85BCB5B219E665
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXnzo5chtcY_eLnnm1FJTMCamTlQ-jG-rpAqas1NO7iaUX6AQoYFNxChiKE2cl-ZmZjiQpd14OFhHLDrLQGNZlxwJaelWzdss-d9W00GLWSdGmMtR7M0HO94x6FXVRVPiWPZXIaid-faQczkS8Vs5F0ivSMrd2iMkiu5UqECGBTSq71KkM
Frame ID: 743B5540EABA979FE83D36C9376F6F74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV4UADuQAZFQG9onh7gvfl_OT1yHXi2Bc--htaKpwNarCnNmMOQw2w3R3GKh09H5M7fpqtKXvoHOTS-dqmyFUf9IwdVquR8FNnL3sjKyMApXnh5djvE35UDxlp_cwOzncOBbfefYvHjb5wafstlGIw6Jn4UdPfsRY2CsAKDvGfse2yAA8s
Frame ID: 71DDBB7CBC6260D02D39B74EA61282B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVhWwITQw1YElZYBj84gEcRH3nJKwWpMX8bRPcChAdvYGvr9R5G18BxnR55VaFW_3B0FaUaQlAPBXHzRrj-hF--XkJ16Ru2140IBbILP_srYxQxmfsXrvGPoz4LaSUNYyDWz87gGUg1YnwGR0aO7aAhutI_wGe7O2DCI2W_ZcHR_kw1PII
Frame ID: A0278C8170120A59C5C0231DC56C422D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUQu0_b4WKjmLkgT7Bm00ex7gMJV4_1qeOSyV-atH76MrIbfy8APP7Cg5fqPfClknoRS7ve6ENvsm-5Ky-NbDVDcNCBFwQMJBEByr_7QgIXA4hyoekf5gYPmndOPpDCl9sJACqVbrmE_uRAYeqAytRszk5dOLTOavQAAmRcDHt-L2l_5yw
Frame ID: 3C42546528826F3C89EFA23800A5C63C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV2x52ZG8Z_U4vFHAj0Nd5s2WnYhDj9zbrxUPpiZNKGHHrHXv9bGQHZeH11aHLS7iVhpoMuqGyx4xzxOAc-XQny-zql0gkp04gq5ydjaoE4t8g_AXdMAGPXQBf3EeWw_eF_rbVLJnTdeFziBwB8MUGlYJYW_JKs1lrMPnT-aSc0AvdvwBI
Frame ID: 6E79093A7164D01DFC29D8299EECFC8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrkORq5MRW5mxwxugZuHzOSpasGW_uRqljiC5spt0GcZS80BK0kWHjYBsg9nUW00mPG4xnPjVi9r_ZL3if6rbjHNjZiKIQ0MIUa8Cv6WbQz9wx5q-TTUFUzG97iy_q--iIWvFaSZYiQA_SspUfD_HgaCpglVUsbFyLv_peLIalSmoeZnM
Frame ID: 9EB3984D205764A107785D60EE82AFD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZzrP8ATAB&v=APEucNVvm-t5Vc7pQxCT4VVUn8eDIvk3G5Y5jURNsQH5jq_thD356T4eJKhdLkZXhppLDG4nOLQDhy2OWKUge_6IWTI-8q495_GEVtTzBqtgEbSrL9Aix6HEIA_zbu7Dy-Df-2c8igj2QhjE2kQX1gC1ncEkcL2-zwZ2NINvX7aKq7JFlQNUFkE
Frame ID: 9145E095430A9944B2A73FE8AA9EF967
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C92B40A53A702CB170C495A340E3ADA6
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
Frame ID: 3952514D86FC3F2923F529C82E85BA89
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250
Frame ID: 2510F2C36C88D69EEB4DF9F8EA485DED
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
Frame ID: FDB467D0CEA90A856234D68DB6641863
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
Frame ID: 1948AF225EDB17B8B7B44245B8096B6D
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
Frame ID: C2AA0C01D3A63EC81D113D568B471676
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
Frame ID: FEFC52659BA5D4FBB8F8BD67DDE2221F
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
Frame ID: E6EF525D23B56F00F4B36E27C8AC5797
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250
Frame ID: A94742DDEC81A308AD9417E9C46CBA94
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F3C8E1067079F184A4777987EF23C183
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7D7D26DFCC78EC4CA2C2166A67DB3586
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 58E914EA00E5DD634E448D45BA36F5BB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5875F4BA43F47686F20E04E66571367D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8FE50F3D54858A03D3609CCB7E1AC5D5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5BA38653C1A17238915EF23DC6DB1F5F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B46E974C13E24AE721B34C41FA98DC30
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B55EFDC104695039661CB51DACCA7A24
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEB57E6FCFA607F58C30156F2C51D572
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
Frame ID: 140EACFB0244930123A2A0196554E9FB
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 529AD6006DF2EC77C0157C9363DD2A19
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 94B02583BB5FB1F96761657A0B90492A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A8A9DBCBD8BF59D984FD74C14326F628
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 67652C725A12103FA15EE319041762AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BAA0829379B4B35A700BE2E7733861D6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 07FDF63A0D934BA4F780A0034BB90C91
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250
Frame ID: 7FBA161394B2BAEFC942F772DA847BAB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A38C70913F1DF8CB35FAE4C3588324C8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E242407C881F051B1E57C7FCCDF3BB16
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C7A930D6D3004F5AECDDD6D4C1DD7754
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B63ADDD40CC2E0C4EBED8ED154EF569
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 5701BCF374690CAA09C60F051E8DE632
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 10DAFB2DCF57F01186475BE60188B76A
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b832&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 7A6482F9F128374D53F16EC9F4C18150
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 31A8BE7538973AFEA4EE8B8023EC741D
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 0215DC9F40477DFC08F1E626C50AFEFB
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b838&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: BF073663F2661A1C1103A683C9C82BAC
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: CEB6EBAA3BFA3D396927B0265E2D178E
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CE510FF77FEB27BBF72EAD06101BB674
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b839&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 16847448B61CF704107E751E149F8341
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=21719500007608904444554012496013&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 980BE49AE05E1CFEE669855B169E5DCF
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C08163369F0265216C0836F8361603D8
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b841&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: B7F8E4FED99CB90DC260B3718D10DDFD
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371
Frame ID: BB126013BEA6A18EA197EF2F574DC5C8
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
Frame ID: 0EF36E59D5BC0DEF64E1E48B55C4DA99
Requests: 6 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60953600009174304444554012496006&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 6792D7E3507EA5D9E7F5BD9E4AF5EA35
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1309CD3AE7551079E70BD90B07B4871E
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b848&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: FF4B295E21D48C81E2BDECF6E4E7C34D
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33
Frame ID: 6B32AD5B055D3E0BD907EBD30623FAF2
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
Frame ID: 756D7AC67521E279F9A60A8AA6E2EFEE
Requests: 6 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83177400007497004444554012496011&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: EF7BC2BA3F158E6D66C0DABE16DA518A
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FBB273974DDEB5CE8805B90C570B355C
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b84c&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 684ECE74DCD83AE6B93748AE352B150F
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465
Frame ID: 2BC679630E84BF5678741A7FDEF7BFEE
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
Frame ID: 084B70BA4A12FB0738FB213106E914B6
Requests: 6 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3259432933
Frame ID: 55D22C5F02CD7136D46FA7427461611C
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48
Frame ID: C892AA6F132AE10B0B65BFA935EAC11F
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
Frame ID: 9CE6ED0FCF5C10B008F18DD46EDBF610
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: F310A8826AB4935B87348370ED5C7956
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: 655E23EFE4BA9D7EA19B26DDEB099D2D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: 57131C7119CAEE91DDB1D895D1A55343
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: F5AB51313F105946C0590F0AE3EEACD5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: E220991A0F6F2D6B76994F58A8704B97
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: A4C21DDF05FE33514268AB4A15824DAC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: A72041FE64AE58F15D422ACC3C69F8AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D74B69E5FE39244747C1D938EC23A7D6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 107DC3985E0AF87141E5731795A8F172
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 304684ABF6AA220E898CAAC3EE77805B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Frame ID: EF522D40A1378802B81B146F90B926DF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AAFAB8A357D0F68977E739C91DA38756
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jovem Nerd - Notícias sobre filmes, séries, HQs, games, animes, ciência, tecnologia e humor, porque rir não faz mal a ninguém!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

731
Requests

86 %
HTTPS

32 %
IPv6

60
Domains

88
Subdomains

67
IPs

11
Countries

9723 kB
Transfer

21247 kB
Size

39
Cookies

95 Outgoing links

These are links going to different origins than the main page.

URL: https://desenkaixa.com.br/
Title: DesenKaixa

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdcast/la-do-bunker/esqueca-tudo-o-que-conhece/
Title: Lá do Bunker

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdcast/nerdcast-rpg/rpg-ghanor-4-o-bardo-o-santo-e-o-bico-de-tamanco/
Title: RPG Ghanor 4

Search URL Search Domain Scan URL

URL: https://www.magazineluiza.com.br/selecao/intelacerdia/?utm_source=jn&utm_campaign=-ft_-nc_ads_intel_ads_jn_intel_toalha_bg-oc_&utm_content=-un_-ce_b2c-cp_ads-bo_none-ts_&utm_term=72507&partner_id=72507

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/mau-acompanhado/mau-falado/fofocas-nerds-e-vela-com-cheiro-de-florzinha

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jovemnerd.com.br/mau-acompanhado/mau-falado/fofocas-nerds-e-vela-com-cheiro-de-florzinha

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Fofocas%20nerds%20e%20vela%20com%20cheiro%20de%20%E2%80%9Cflorzinha%E2%80%9D&url=https://jovemnerd.com.br/mau-acompanhado/mau-falado/fofocas-nerds-e-vela-com-cheiro-de-florzinha&

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Fofocas%20nerds%20e%20vela%20com%20cheiro%20de%20%E2%80%9Cflorzinha%E2%80%9D%20https://jovemnerd.com.br/mau-acompanhado/mau-falado/fofocas-nerds-e-vela-com-cheiro-de-florzinha

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/tudo-o-que-rolou-na-playstation-showcase-maio/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jovemnerd.com.br/nerdbunker/tudo-o-que-rolou-na-playstation-showcase-maio/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Tudo%20o%20que%20rolou%20na%20PlayStation%20Showcase%20desta%20quarta-feira%20(24)&url=https://jovemnerd.com.br/nerdbunker/tudo-o-que-rolou-na-playstation-showcase-maio/&

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Tudo%20o%20que%20rolou%20na%20PlayStation%20Showcase%20desta%20quarta-feira%20(24)%20https://jovemnerd.com.br/nerdbunker/tudo-o-que-rolou-na-playstation-showcase-maio/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/the-flash-diretor-revela-participacao-especial/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jovemnerd.com.br/nerdbunker/the-flash-diretor-revela-participacao-especial/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Diretor%20de%20The%20Flash%20revela%20participa%C3%A7%C3%A3o%20bomb%C3%A1stica%20do%20filme&url=https://jovemnerd.com.br/nerdbunker/the-flash-diretor-revela-participacao-especial/&

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Diretor%20de%20The%20Flash%20revela%20participa%C3%A7%C3%A3o%20bomb%C3%A1stica%20do%20filme%20https://jovemnerd.com.br/nerdbunker/the-flash-diretor-revela-participacao-especial/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/tina-turner-morre-aos-83/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jovemnerd.com.br/nerdbunker/tina-turner-morre-aos-83/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Diva%20do%20pop%20e%20do%20rock%20mundial,%20Tina%20Turner%20morre%20aos%2083%20anos&url=https://jovemnerd.com.br/nerdbunker/tina-turner-morre-aos-83/&

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Diva%20do%20pop%20e%20do%20rock%20mundial,%20Tina%20Turner%20morre%20aos%2083%20anos%20https://jovemnerd.com.br/nerdbunker/tina-turner-morre-aos-83/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/compartilhamento-de-senha-netflix-configurar-conta-usuario-extra/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jovemnerd.com.br/nerdbunker/compartilhamento-de-senha-netflix-configurar-conta-usuario-extra/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Compartilhamento%20de%20senha%20Netflix:%20saiba%20como%20configurar%20sua%20conta&url=https://jovemnerd.com.br/nerdbunker/compartilhamento-de-senha-netflix-configurar-conta-usuario-extra/&

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Compartilhamento%20de%20senha%20Netflix:%20saiba%20como%20configurar%20sua%20conta%20https://jovemnerd.com.br/nerdbunker/compartilhamento-de-senha-netflix-configurar-conta-usuario-extra/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/jogo-do-irmao-do-jorel-preview/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jovemnerd.com.br/nerdbunker/jogo-do-irmao-do-jorel-preview/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Jogo%20do%20Irm%C3%A3o%20do%20Jorel%20tem%20alma%20de%20point%20and%20click%20das%20antigas%20|%20Preview&url=https://jovemnerd.com.br/nerdbunker/jogo-do-irmao-do-jorel-preview/&

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Jogo%20do%20Irm%C3%A3o%20do%20Jorel%20tem%20alma%20de%20point%20and%20click%20das%20antigas%20|%20Preview%20https://jovemnerd.com.br/nerdbunker/jogo-do-irmao-do-jorel-preview/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/quanto-custa-assinar-todos-os-streamings-do-brasil/
Title: Quanto custa assinar todos os streamings de vídeo no Brasil?

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/mortal-kombat-1-anuncio/
Title: Mortal Kombat 1 é anunciado com universo renascido e muitas vísceras

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/disney-vai-remover-filmes-series-dos-streamings/
Title: Disney vai remover filmes e séries dos streamings para cortar gastos

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/velozes-e-furiosos-10-cena-pos-creditos/
Title: Velozes e Furiosos 10 tem cena pós-créditos; Saiba o que acontece

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/series-derivadas-de-game-of-thrones-lista/
Title: Conheça todos os derivados de Game of Thrones que estão em produção

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/direto-do-bunker/nova-versao-de-jornada-nas-estrelas-o-filme/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/bunker/categoria/filmes/
Title: Filmes

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/direto-do-bunker/guia-basico-de-coreano-para-fas-de-k-drama-e-k-pop/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/bunker/categoria/series-e-tv/
Title: Séries e TV

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/direto-do-bunker/playstation-xbox-nintendo-consoles-consumo-energia/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/bunker/categoria/games/
Title: Games

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdcast
Title: Ver mais ->

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdcast/caneca-de-mamicas/me-ve-um-doce-do-tamanho-da-minha-cara/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdcast/envelhecendo-na-base-do-choque-e-do-zoom/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdoffice
Title: Ver mais ->

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdoffice/top-10-pais-solteiros/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdplayer
Title: Ver mais ->

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdplayer/cities-skylines-gameplay-lazer-transporte-e-juventude/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/sr-k
Title: Ver mais ->

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/sr-k/se-organizar-direitinho/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdologia
Title: Ver mais ->

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdologia/henrique-viii-ana-bolena-e-a-igreja-da-inglaterra/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdologia/os-poderes-do-hyoga-de-cisne-incinerando-o-universo/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/marvels-spider-man-2-trailer/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/playstation-portatil-streaming/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/five-nights-at-freddys-help-wanted-2-e-anunciado-teaser/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/margot-robbie-queria-gal-gadot-barbie/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/star-wars-jedi-survivor-review/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/dragons-dogma-2-anuncio-trailer/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/king-kong-animacao-skull-island-teaser-data/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/final-fantasy-xvi-trailer-playstation-showcase/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/assassins-creed-mirage-data-de-lancamento/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/alan-wake-2-novo-trailer-data/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/metal-gear-solid-3-remake-anunciado/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/sword-of-the-sea-jogo-do-estudio-de-abzu-e-anunciado/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/fairgames-haven-studios-trailer/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/colunas/quadrinhos/indicacao-graphic-msp-monica-coragem-mouse-guard/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/colunas/pedro-siqueira/the-last-of-us-como-foi-jogar-e-ver-a-serie/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/colunas/quadrinhos/monstro-do-pantano-filme-trash-hq-alan-moore/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/netflix-estreias-junho-2023/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/heartstopper-2-temporada-primeiras-imagens/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/total-war-pharaoh-anuncio-previsao-de-lancamento/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/a-roda-do-tempo-temporada-2-data/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/marvel-escolheu-kang-vilao-apos-loki/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/the-flash-colecionavel-vilao/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/conv-rgence-league-of-legends-review/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/velozes-e-furiosos-10-critica-review/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/black-knight-serie-netflix-critica/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/zelda-tears-of-the-kingdom-review/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/redfall-review/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/rust-alec-baldwin-filmagens-finalizadas/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/the-idol-nota-baixa-no-rotten-tomatoes/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/como-assistir-playstation-showcase-24-de-maio/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/aranhaverso-2-musica-tema-em-japones-por-lisa/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/nerdbunker/the-flash-trailer-final/

Search URL Search Domain Scan URL

URL: https://facebook.com/jovemnerd
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/jovemnerd
Title: Twitter - Jovem Nerd

Search URL Search Domain Scan URL

URL: https://twitter.com/azaghal
Title: Twitter - Azaghâl

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jovemnerd/
Title: Instagram - Jovem Nerd

Search URL Search Domain Scan URL

URL: https://www.instagram.com/azaghal/
Title: Instagram - Azaghâl

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/JovemNerd
Title: YouTube

Search URL Search Domain Scan URL

URL: http://bit.ly/jn-ios
Title: Aplicativo para iPhone

Search URL Search Domain Scan URL

URL: http://bit.ly/jn-android
Title: Aplicativo para Android

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSe-bJ4a3aL4X0do1Wigr_A5qrwVClkX2DManB1BC3AQ9oMH7A/viewform
Title: Reportar Erro

Search URL Search Domain Scan URL

URL: https://luizalabs.com/
Title: Desenvolvido por

Search URL Search Domain Scan URL

URL: https://www.magazineluiza.com.br/selecao/samsung_diamonds_23/

Search URL Search Domain Scan URL

URL: https://jovemnerd.com.br/politica-de-privacidade/
Title: política de privacidade.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 208

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f8335bd5-e57f-4679-99fe-5120eb179eed&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=f30f065a-20ec-4166-9a0a-7206cf1852b0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2818-0%29%3F%26RG%3D5169fd8d951d412b9a8f5c2f7b934283%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6285274&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=2014449315910612607 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(18-0)?&RG=5169fd8d951d412b9a8f5c2f7b934283&SNR=1&GV=2&med=10

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1

Request Chain 235

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPE602my_Y30SxJfCiDdgFQ&google_cver=1

Request Chain 237

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL3RDFbRs9LG63t6BnrbgDQ&google_cver=1

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEGPVuF73sYzOEGU_OP-4gTw&google_cver=1

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEClRY0KW0zTe17EsCxrejvY&google_cver=1

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEK58I7n7liwEyOYeQHzPjYI&google_cver=1

Request Chain 307

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmRb5mgMapJitkYglmcqeySNqkOWysRVtFgch_GT-1__vBJSLWfqlnTRtocMoSXvMrb9O2UuDFHwbEtFoYRd7sCw1ob9uQchOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmRb5mgMapJitkYglmcqeySNqkOWysRVtFgch_GT-1__vBJSLWfqlnTRtocMoSXvMrb9O2UuDFHwbEtFoYRd7sCw1ob9uQchOg

Request Chain 308

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmQa9iOXn_0ZrMzKDUkd3UvAUjxvLM_3qJcfaFW4JrErVZs4hJO2huOhdRg0bj1tDZ0KlxBPVW273mWA-7gu2cGnJLNPbaVcoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=664391B105C0436F9BE0DB9F99E84135&google_push=AXcoOmQa9iOXn_0ZrMzKDUkd3UvAUjxvLM_3qJcfaFW4JrErVZs4hJO2huOhdRg0bj1tDZ0KlxBPVW273mWA-7gu2cGnJLNPbaVcoQ

Request Chain 309

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmRRLRl8xUt5F1ysicpzyK7q4NLzPJjTcMCt6fv3Wuf-iQ0FKEg2Re0GbjWMUvNPilITiylJES_icBIiE-pqQ4hMjTCBmFMBGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRLRl8xUt5F1ysicpzyK7q4NLzPJjTcMCt6fv3Wuf-iQ0FKEg2Re0GbjWMUvNPilITiylJES_icBIiE-pqQ4hMjTCBmFMBGQ&google_hm=Iftrco8nSEyLKDyiY_N8zYs

Request Chain 310

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmRk4G5iETjsauqQMJk9UIO95UFQxpK9Y66UdWqwhm6mGlULsO5UVeMyntM4AduZ6zL4G0gK9xksqMWizsKPrParfz7IioqQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmRk4G5iETjsauqQMJk9UIO95UFQxpK9Y66UdWqwhm6mGlULsO5UVeMyntM4AduZ6zL4G0gK9xksqMWizsKPrParfz7IioqQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aUZDAu5IRPGP0-40sE9sug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRk4G5iETjsauqQMJk9UIO95UFQxpK9Y66UdWqwhm6mGlULsO5UVeMyntM4AduZ6zL4G0gK9xksqMWizsKPrParfz7IioqQ

Request Chain 311

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_cver=1&google_push=AXcoOmTmsQ0IO2e4yT20h74xUFJ0Gb83cxWvTKWly3p6X4Z5tuzVmzZCcuIOJ65mjYFX-tiaUoeZRUlfys4b5GYSOKkEyJMqPids HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_push=AXcoOmTmsQ0IO2e4yT20h74xUFJ0Gb83cxWvTKWly3p6X4Z5tuzVmzZCcuIOJ65mjYFX-tiaUoeZRUlfys4b5GYSOKkEyJMqPids&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTmsQ0IO2e4yT20h74xUFJ0Gb83cxWvTKWly3p6X4Z5tuzVmzZCcuIOJ65mjYFX-tiaUoeZRUlfys4b5GYSOKkEyJMqPids

Request Chain 313

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTFeJX2WAdS6wVzjHAcaZWajyiiVvODI3CLpI1b8Rm6mzVWynBjixaVyyx49qtHcbZHj4BCya1F95g8xNLm16_3m2ogn0CaOjE HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHBty3-EkGTjSFE2M-XMXUU%26google_cver%3D1%26google_push%3DAXcoOmTFeJX2WAdS6wVzjHAcaZWajyiiVvODI3CLpI1b8Rm6mzVWynBjixaVyyx49qtHcbZHj4BCya1F95g8xNLm16_3m2ogn0CaOjE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTFeJX2WAdS6wVzjHAcaZWajyiiVvODI3CLpI1b8Rm6mzVWynBjixaVyyx49qtHcbZHj4BCya1F95g8xNLm16_3m2ogn0CaOjE

Request Chain 322

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmS_BL20nYnGqQIfG31wl-JCKyzrSr1MNb3enRs4F6M8VHj9064vQo1t3s1Sp9tPAxjAUwiPK7DGdpXvtNrkUSf5bPo9Ntc4_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F989E653E744393B6B6B9AE38F7BFEF&google_push=AXcoOmS_BL20nYnGqQIfG31wl-JCKyzrSr1MNb3enRs4F6M8VHj9064vQo1t3s1Sp9tPAxjAUwiPK7DGdpXvtNrkUSf5bPo9Ntc4_g

Request Chain 324

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQc7rNLMaAV_xLGJcCeLF0NRtWQkmnH0sQLiRngbcNpw6HMy388mO1Orpe7nVR_CemHKVRGhA905TKmSlgKJYzocnvY1NcYCQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xsMjf7zTT1wQeDzn_LBacw&google_push=AXcoOmQc7rNLMaAV_xLGJcCeLF0NRtWQkmnH0sQLiRngbcNpw6HMy388mO1Orpe7nVR_CemHKVRGhA905TKmSlgKJYzocnvY1NcYCQ

Request Chain 327

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKfOsABINCLS80XWhXQGiNM&google_cver=1&google_push=AXcoOmQzeTU_jvOkjFVfD5quMp0z1ujbdW1EQ94ZL88W550-D-aTFefb8tuh4Y3j9ZoMTeC1OErgU0Qmeju6Iu81PQzOOYJItagIHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HS0cwUzgtRS05TFNG&google_push=AXcoOmQzeTU_jvOkjFVfD5quMp0z1ujbdW1EQ94ZL88W550-D-aTFefb8tuh4Y3j9ZoMTeC1OErgU0Qmeju6Iu81PQzOOYJItagIHg

Request Chain 328

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJbutAvdTjYqPyi3TPC3CHI&google_cver=1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698892020742 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f783e1d3-9223-451b-909f-ba8175a84914-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw%26google_hm%3DA_eD4dOSI0UbkJ-6gXWoSRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw&google_hm=A_eD4dOSI0UbkJ-6gXWoSRQ

Request Chain 330

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRKZeQiqbYlVqIbWenLB-5O-D-kt7slbSPKTlQu8BGEWUIM5XRi6RND0Gx-ZvKpNCGIXgZkgWMOq_aLhL30lLjIAiE-_oti HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRKZeQiqbYlVqIbWenLB-5O-D-kt7slbSPKTlQu8BGEWUIM5XRi6RND0Gx-ZvKpNCGIXgZkgWMOq_aLhL30lLjIAiE-_oti HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRKZeQiqbYlVqIbWenLB-5O-D-kt7slbSPKTlQu8BGEWUIM5XRi6RND0Gx-ZvKpNCGIXgZkgWMOq_aLhL30lLjIAiE-_oti

Request Chain 333

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmRdPy27mKbwbSJsIsc4ZkJZw7GMirARoXnuJk903GkBRKV9RfSLWeF7lzfhJeT_y3QPedakvxFLtMyR7Xck2yn5X1-j8WLr HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmRdPy27mKbwbSJsIsc4ZkJZw7GMirARoXnuJk903GkBRKV9RfSLWeF7lzfhJeT_y3QPedakvxFLtMyR7Xck2yn5X1-j8WLr&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRdPy27mKbwbSJsIsc4ZkJZw7GMirARoXnuJk903GkBRKV9RfSLWeF7lzfhJeT_y3QPedakvxFLtMyR7Xck2yn5X1-j8WLr

Request Chain 334

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG3iv6uXyIXXNjvC2opFPRw&google_cver=1&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjjV HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjjV&google_gid=CAESEG3iv6uXyIXXNjvC2opFPRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjjV

Request Chain 336

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&google_cver=1&google_push=AXcoOmSovh9x3ImaME36ggnIEm8S9MwLSnTm1KykO2zm9x5nIlAGEYD0uQKOdXnUmotL8Uki4L9RbxdllP0iaNI_qw5-MkrAfdcATQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4981196e-745d-4c96-bd2b-ce55678f1146&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSovh9x3ImaME36ggnIEm8S9MwLSnTm1KykO2zm9x5nIlAGEYD0uQKOdXnUmotL8Uki4L9RbxdllP0iaNI_qw5-MkrAfdcATQ&gdpr=${GDPR}

Request Chain 348

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSyFm-jA7iTPiQp-StDtCtDIaety12Hf_RMjMMjvwQDiZf5QJCFOfHpih8eyjQCuUDuaLdpSgnNtKu2rWiE-PfP1LcrksysbQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSyFm-jA7iTPiQp-StDtCtDIaety12Hf_RMjMMjvwQDiZf5QJCFOfHpih8eyjQCuUDuaLdpSgnNtKu2rWiE-PfP1LcrksysbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSyFm-jA7iTPiQp-StDtCtDIaety12Hf_RMjMMjvwQDiZf5QJCFOfHpih8eyjQCuUDuaLdpSgnNtKu2rWiE-PfP1LcrksysbQ

Request Chain 349

https://d5p.de17a.com/cookies/google?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE0mRcRsg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE0mRcRsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE0mRcRsg

Request Chain 350

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nui6cHFIvkVEjiXPyGS0_KJyXA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nui6cHFIvkVEjiXPyGS0_KJyXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA5OTg1MTQ1MzcwMjY0NDM4Nw&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nui6cHFIvkVEjiXPyGS0_KJyXA

Request Chain 354

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&google_cver=1&google_push=AXcoOmT5XmH9-yBrSqPFCJcF5y5ggk2TSU2931MEMie_k62IRGn66nAmH8s25ELcH8F_QBMwGOg8dtr0z9byRy5b26qWWrDxit8D9Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT5XmH9-yBrSqPFCJcF5y5ggk2TSU2931MEMie_k62IRGn66nAmH8s25ELcH8F_QBMwGOg8dtr0z9byRy5b26qWWrDxit8D9Q&gdpr=${GDPR}

Request Chain 356

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1&google_push=AXcoOmTRAHznQKj2LXsdnIrZprXBGkP2JeeGblIueepNNOgjcYR9OX9NVlO4PKYSauYijhDn789F3lKYNc1ZIHxc6xsmUWGSiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc4Njg5MDU4NDE5NjMzNDUwMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1

Request Chain 357

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSncKSmRwUbt3q8-BVAdwGuLUkCUSE7YwJucMpL-M9prE3MUFCByc91ND_IWC1yS1rUpxVeFA9Y8ByVpIU2RFEGmglJtw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSncKSmRwUbt3q8-BVAdwGuLUkCUSE7YwJucMpL-M9prE3MUFCByc91ND_IWC1yS1rUpxVeFA9Y8ByVpIU2RFEGmglJtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSncKSmRwUbt3q8-BVAdwGuLUkCUSE7YwJucMpL-M9prE3MUFCByc91ND_IWC1yS1rUpxVeFA9Y8ByVpIU2RFEGmglJtw

Request Chain 358

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmRkN4k5VldLjg8jtiikoF38fKiRNo6UK0wHlMRwb-JcA8yc_gqgYQYOao3QRif-MJA9lm2nb6iwsN1h-NKolGKAOfE1NjY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B507E8D3FD6A44EE93AB25C48A08F6B0&google_push=AXcoOmRkN4k5VldLjg8jtiikoF38fKiRNo6UK0wHlMRwb-JcA8yc_gqgYQYOao3QRif-MJA9lm2nb6iwsN1h-NKolGKAOfE1NjY

Request Chain 359

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmTzii5c7Mjp_MrvzCS1QXW8zBr-NF0yzAI4AkXb3T3-JHruIzupypsX1mFIn_aaL0agY6lMcaQZvDwJsCowhwfOk_diDG8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmTzii5c7Mjp_MrvzCS1QXW8zBr-NF0yzAI4AkXb3T3-JHruIzupypsX1mFIn_aaL0agY6lMcaQZvDwJsCowhwfOk_diDG8

Request Chain 361

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmQO-Y4pow4h46ST0terNlK4c9t-SoasLETr8jdJMuTpl4TPLrPgDvC1euxOT9AS7V8ZNAUPVOTyDXdqje5Zj5XNM3BjvRA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmQO-Y4pow4h46ST0terNlK4c9t-SoasLETr8jdJMuTpl4TPLrPgDvC1euxOT9AS7V8ZNAUPVOTyDXdqje5Zj5XNM3BjvRA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NOj5z4JTQbqEpOUYCfgJJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQO-Y4pow4h46ST0terNlK4c9t-SoasLETr8jdJMuTpl4TPLrPgDvC1euxOT9AS7V8ZNAUPVOTyDXdqje5Zj5XNM3BjvRA

Request Chain 362

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG3iv6uXyIXXNjvC2opFPRw&google_cver=1&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4&google_gid=CAESEG3iv6uXyIXXNjvC2opFPRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4

Request Chain 367

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmSiTmz8rnsp7xeE-LNMIczg65hD8BJ31f6SaURZrYgXSfF8N_7nOS0CohdFinrP1fMEC3yD8C4FUTjRLyZ3ikVAJxW8BIXG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmSiTmz8rnsp7xeE-LNMIczg65hD8BJ31f6SaURZrYgXSfF8N_7nOS0CohdFinrP1fMEC3yD8C4FUTjRLyZ3ikVAJxW8BIXG

Request Chain 368

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmSB9jqWbornHSxvAwEhGcBgdQNh7qnysh23KAxUUcBVurKrduaaSlknCTtnQJzFV_8zaXxzD9nenqMJIIdq58J5BLJlLkBYbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmSB9jqWbornHSxvAwEhGcBgdQNh7qnysh23KAxUUcBVurKrduaaSlknCTtnQJzFV_8zaXxzD9nenqMJIIdq58J5BLJlLkBYbA

Request Chain 369

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmSD5uItQI4LVrrvOiqX0spA0yOG8aObTr_BfshxxJkgvxVqxpw92WRc8rKOzFnUIf0EhRF4vAGdtrApza9b7Lj9vXx-MclRaw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vD2ZGZ4vSEcyqD_7GBd9Ug&google_push=AXcoOmSD5uItQI4LVrrvOiqX0spA0yOG8aObTr_BfshxxJkgvxVqxpw92WRc8rKOzFnUIf0EhRF4vAGdtrApza9b7Lj9vXx-MclRaw

Request Chain 371

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMSQ74z2MlZubwMyUbWezvgZoDQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMSQ74z2MlZubwMyUbWezvgZoDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0Njg4NDIxMDA4ODk1OTk0OA&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMSQ74z2MlZubwMyUbWezvgZoDQ

Request Chain 373

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_cver=1&google_push=AXcoOmTQ0_f7xA6OBohlTgtaX-m8m925ManFkRuXa5ZNoAPp47dmrb0tJfF3M1iDwXCUGgysc7Ppd4cZxioI6uGswKN0eBmahtiz HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_push=AXcoOmTQ0_f7xA6OBohlTgtaX-m8m925ManFkRuXa5ZNoAPp47dmrb0tJfF3M1iDwXCUGgysc7Ppd4cZxioI6uGswKN0eBmahtiz&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTQ0_f7xA6OBohlTgtaX-m8m925ManFkRuXa5ZNoAPp47dmrb0tJfF3M1iDwXCUGgysc7Ppd4cZxioI6uGswKN0eBmahtiz

Request Chain 384

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1&google_push=AXcoOmSgZHTde1j8eUAwG-eizin7EPXH7dX_a8U7k4DE4n5lb98D6lzXnj9oebPlfZGwBdKVS1up4yPBVRqGQ-DDuha-NPPu3RO1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEyNzk1ODg1OTUzMzk5Mjg2OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1

Request Chain 385

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qicchGIc-40vR9XJswt-O3K4N HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qicchGIc-40vR9XJswt-O3K4N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qicchGIc-40vR9XJswt-O3K4N

Request Chain 388

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO-78qtRFlWxhy9vZvibna4&google_cver=1&google_push=AXcoOmSNLcbWBn9WUd1HjB1_WMvJktYyKwIK6Vg5baUZLkTzBbsj5GZ51b3sgTDcZBt_Y6WGW94yfJ_MWWXkcOCraZjccY3mcGkM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLcbWBn9WUd1HjB1_WMvJktYyKwIK6Vg5baUZLkTzBbsj5GZ51b3sgTDcZBt_Y6WGW94yfJ_MWWXkcOCraZjccY3mcGkM

Request Chain 390

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDVViVSMVxb-EVQ2rg1mri0&google_cver=1&google_push=AXcoOmQzC6kNFbwp3BTAHkEypNdwBDWEJEHrKDo0vRhvopIeWtS-F0WlnA3OjIv0GnCYwMFyNJnJ2ia-bgISIz1fQFoCK3muP7f4Jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQzC6kNFbwp3BTAHkEypNdwBDWEJEHrKDo0vRhvopIeWtS-F0WlnA3OjIv0GnCYwMFyNJnJ2ia-bgISIz1fQFoCK3muP7f4Jg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 394

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmTThiRCgQEJguNDUVg9uM0Tl7FnxOnj0KvYtqX6-Mjz-cII5RF4TCnMWZriAgif8R3r0jz153hKdAKMLVLdgB0VwQBlwrdeBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTThiRCgQEJguNDUVg9uM0Tl7FnxOnj0KvYtqX6-Mjz-cII5RF4TCnMWZriAgif8R3r0jz153hKdAKMLVLdgB0VwQBlwrdeBw&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

Request Chain 395

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQZoM4NMwNph9KE_PJS1mH3TrC3WbVk80GNRfUUiyr4ci6pd1elLo0Uw1l_TeH-EzQlWFogiEhPd35Z_wgW2gGp1i3yqz1e HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=i7h7dULYTsM72PRTLYNPjQ&google_push=AXcoOmQZoM4NMwNph9KE_PJS1mH3TrC3WbVk80GNRfUUiyr4ci6pd1elLo0Uw1l_TeH-EzQlWFogiEhPd35Z_wgW2gGp1i3yqz1e

Request Chain 396

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-fxG1Kmp861_G1vzrGDyZdmYg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-fxG1Kmp861_G1vzrGDyZdmYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU4NTExMjgyMjY2NDE1MDg2OA&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-fxG1Kmp861_G1vzrGDyZdmYg

Request Chain 398

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmT2CK1NYLwH6BeiA8ELtEw3EooI7sD7Cou2A96eyasQnAXM7-_y4YD9a6tvKyNtVPQgtuqNGoWdAoNDM4MhZ1w2GwGJW4_6Mw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmT2CK1NYLwH6BeiA8ELtEw3EooI7sD7Cou2A96eyasQnAXM7-_y4YD9a6tvKyNtVPQgtuqNGoWdAoNDM4MhZ1w2GwGJW4_6Mw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMRXeB0BRC-pK0s5RTM20Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT2CK1NYLwH6BeiA8ELtEw3EooI7sD7Cou2A96eyasQnAXM7-_y4YD9a6tvKyNtVPQgtuqNGoWdAoNDM4MhZ1w2GwGJW4_6Mw

Request Chain 451

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 452

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmTOzRly7ZzDQR6VHhtiVyztWZpFXnp-LIlY6AHycSbXCW7jLKP8sjCkH6xOKWlByA_XfSbz6zGiL2jVSjV70jJ_2g1e2iUC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmTOzRly7ZzDQR6VHhtiVyztWZpFXnp-LIlY6AHycSbXCW7jLKP8sjCkH6xOKWlByA_XfSbz6zGiL2jVSjV70jJ_2g1e2iUC

Request Chain 454

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPOB_M908T5l_JAolZnhnn4&google_cver=1&google_push=AXcoOmQRn3yCyH5eQwpFXDhoCZIliweXxo70pkvEyQ3egqNrQIgvU7rPvC33GwbO3_-PUbfstXbkoUpY14ekeMzpPwf6HloPmjQ4Eg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRn3yCyH5eQwpFXDhoCZIliweXxo70pkvEyQ3egqNrQIgvU7rPvC33GwbO3_-PUbfstXbkoUpY14ekeMzpPwf6HloPmjQ4Eg&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B

Request Chain 455

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOHy-n4tLodbXQzzDjn9xg&google_cver=1&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM9GjCTmgcLqc0Q HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOHy-n4tLodbXQzzDjn9xg&google_cver=1&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM9GjCTmgcLqc0Q&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM9GjCTmgcLqc0Q&google_hm=HlizuGZHKo5w2VaUQ1afSrYh

Request Chain 457

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO-78qtRFlWxhy9vZvibna4&google_cver=1&google_push=AXcoOmRARZwgcwCNRn7iU_9yvrGMyGUwpQ5pobK1HzpsDalwCzYx463vdWOqCIFC5qTTgx-S_fAbMS_VJvK9uar6yBgw78WddF_mRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRARZwgcwCNRn7iU_9yvrGMyGUwpQ5pobK1HzpsDalwCzYx463vdWOqCIFC5qTTgx-S_fAbMS_VJvK9uar6yBgw78WddF_mRQ

Request Chain 500

https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 501

https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4638713689724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4638713689724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 502

https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=2385213427018&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=2385213427018&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 503

https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4493068261301&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4493068261301&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 504

https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 505

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENTf6AMyQV9p6ltXMvUUAJE&google_cver=1&google_push=AXcoOmR8jggnrADaB5-s_15AJXlp0v5pJwy_N9sqdBZB7qcWfBoOU24jLeosA9bCr9MhNQn3iryC-vX4sbSGGuTCN5P26u5I7aY HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmR8jggnrADaB5-s_15AJXlp0v5pJwy_N9sqdBZB7qcWfBoOU24jLeosA9bCr9MhNQn3iryC-vX4sbSGGuTCN5P26u5I7aY&google_hm=vxTo_LJ5Fm27qFzbP9j8VQ

Request Chain 507

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmQbJdHyKkSMWTWD9bLag2LLLe0CDw0Juv9LWlNbACJ9YXYw9kgJrJ56lUzih5y4I9cRRGV_dMSVw_JXrrLkSiZXDd1shcXR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmQbJdHyKkSMWTWD9bLag2LLLe0CDw0Juv9LWlNbACJ9YXYw9kgJrJ56lUzih5y4I9cRRGV_dMSVw_JXrrLkSiZXDd1shcXR

Request Chain 509

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQm-3uxBN2v4o64RScyEuiBg75UEDbUdgFST1okDNCIIqLXk_Z-2oWtWRPuIDU3a0U87y4GOQKY6BmIlyNAJT_6iA12zm7D HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQm-3uxBN2v4o64RScyEuiBg75UEDbUdgFST1okDNCIIqLXk_Z-2oWtWRPuIDU3a0U87y4GOQKY6BmIlyNAJT_6iA12zm7D

Request Chain 510

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPOB_M908T5l_JAolZnhnn4&google_cver=1&google_push=AXcoOmQDzzauJ_N5TFY9iqFUOLRgGKQJggvrWqlqYPSMPCemYVHBvNngLD08Ia9gz3PhG9QntC11pjkDfMRwnWhZiacmEG2x8_df HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQDzzauJ_N5TFY9iqFUOLRgGKQJggvrWqlqYPSMPCemYVHBvNngLD08Ia9gz3PhG9QntC11pjkDfMRwnWhZiacmEG2x8_df&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B

Request Chain 511

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmR982JGQy-U1tQtiqgW7I-lLGwJ601DOCKxf4dQc6-MVCeL21qBFwkq4x1Jo69vRMpreM8dscTOkK6YyXeGkBpXAT5ZzyKVvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmR982JGQy-U1tQtiqgW7I-lLGwJ601DOCKxf4dQc6-MVCeL21qBFwkq4x1Jo69vRMpreM8dscTOkK6YyXeGkBpXAT5ZzyKVvA

Request Chain 595

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 597

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b832&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 598

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 600

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 602

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b838&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 603

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 605

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 607

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b839&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 608

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 610

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=21719500007608904444554012496013&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 612

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b841&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 614

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371

Request Chain 616

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 617

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60953600009174304444554012496006&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 619

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b848&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 621

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33

Request Chain 623

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 624

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83177400007497004444554012496011&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 626

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b84c&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 628

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465

Request Chain 630

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 631

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENTf6AMyQV9p6ltXMvUUAJE&google_cver=1&google_push=AXcoOmQWpxVHOFcgXlMx1qO91txQKAlfwUEL0ueleKmWbQhmStKcM3P9ZJlpUmF5mKjFuZxzOaUqCucPt8GobvN8R_bhQZoPKcgn3w HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWpxVHOFcgXlMx1qO91txQKAlfwUEL0ueleKmWbQhmStKcM3P9ZJlpUmF5mKjFuZxzOaUqCucPt8GobvN8R_bhQZoPKcgn3w&google_hm=vxTo_LJ5Fm27qFzbP9j8VQ

Request Chain 633

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMN5sPYdW-8cI3cA18nDvd4&google_cver=1&google_push=AXcoOmRyLatLvUD11FUmxsKLSeiHT5ySU7brfqUASAT5iJVeG5r9sT8PxuFdAv8aVg_wj3glIdiWXZNka7vaUWrCWaP8s3LFH5aV2w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRyLatLvUD11FUmxsKLSeiHT5ySU7brfqUASAT5iJVeG5r9sT8PxuFdAv8aVg_wj3glIdiWXZNka7vaUWrCWaP8s3LFH5aV2w&google_hm=hmVDCPSD4NwQcUxtlg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D654308F483E0DC10714C6D96BLIS

Request Chain 634

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmQ3fLxv0Spze6LY632DPat8qyYFXGFr26cFLuQMjo6UXJ9rkyKv5fD3v29YKELuLH4SRQFoEiW_FsfRJ_geLwnSjTaLXiyNRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQ3fLxv0Spze6LY632DPat8qyYFXGFr26cFLuQMjo6UXJ9rkyKv5fD3v29YKELuLH4SRQFoEiW_FsfRJ_geLwnSjTaLXiyNRA

Request Chain 635

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmR1aA_iWT2hYVQtOck6gQv5BFqP5hu7w2LDamuOYeIDqVUF6Vb6HhwKuCiMsqEuSCGbpXErSHf4xH81KdDFgS27hlMb-v5Egw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR1aA_iWT2hYVQtOck6gQv5BFqP5hu7w2LDamuOYeIDqVUF6Vb6HhwKuCiMsqEuSCGbpXErSHf4xH81KdDFgS27hlMb-v5Egw

Request Chain 636

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOHy-n4tLodbXQzzDjn9xg&google_cver=1&google_push=AXcoOmSTErcAC2R7tTjJlRHxBOB-hJsqlcu5okipwBzDbHewxZrMPz7CsqtZttFVWdyBa3XnujwD5YTlc1Hkzn_XmcV0KetLXqGWrg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSTErcAC2R7tTjJlRHxBOB-hJsqlcu5okipwBzDbHewxZrMPz7CsqtZttFVWdyBa3XnujwD5YTlc1Hkzn_XmcV0KetLXqGWrg&google_hm=HlizuGZHKo5w2VaUQ1afSrYh

Request Chain 639

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=44808800008719904444554012496015&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3259432933

Request Chain 640

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48

Request Chain 704

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmTid4OOvGKPKOXnW2CmDjeXqNnr9GjQiqNsrJdvXZ2EL18xoXWA9QUhbwAyCbGXqEh_mMPixN3ERZ-M1j2WglsKrF2fUynV0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVNSTlBQUFwZWhDMFFCaQ==&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmTid4OOvGKPKOXnW2CmDjeXqNnr9GjQiqNsrJdvXZ2EL18xoXWA9QUhbwAyCbGXqEh_mMPixN3ERZ-M1j2WglsKrF2fUynV0g

Request Chain 705

https://d5p.de17a.com/cookies/google?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmTBdGSRI4-JoRnUqOCI6JykjqOCb8r096S376IGIGw1iY5WVBASjlLbwI7hn2hMyg_FigOSCqqtfqR4WpYhgZkzjSvngPGNpg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTBdGSRI4-JoRnUqOCI6JykjqOCb8r096S376IGIGw1iY5WVBASjlLbwI7hn2hMyg_FigOSCqqtfqR4WpYhgZkzjSvngPGNpg

Request Chain 707

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDVViVSMVxb-EVQ2rg1mri0&google_cver=1&google_push=AXcoOmQ8SvIXPihDvZ1cGKzXNYMAesXDFJm4S4uJ1AI9jTToW8BII-jL0VWuO4Vh7TyGpKGpAxqQjXW-fMACnrfqlCM8uNfzioVoGAM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ8SvIXPihDvZ1cGKzXNYMAesXDFJm4S4uJ1AI9jTToW8BII-jL0VWuO4Vh7TyGpKGpAxqQjXW-fMACnrfqlCM8uNfzioVoGAM HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 708

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTVWwVx9o52_Z_1x8soyf217rSgyQukA8qp4QD168NdPVovr7c-NnhzUKLXJ5m0UzKAZF4FYLubt8yE4CPASuMUQad9RU4p8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTVWwVx9o52_Z_1x8soyf217rSgyQukA8qp4QD168NdPVovr7c-NnhzUKLXJ5m0UzKAZF4FYLubt8yE4CPASuMUQad9RU4p8w

Request Chain 715

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmRqTPRV37mtaX_Pl-Lhy0UQBCx5oWWjxF-rCU7UbGZsvZjnIc3AlJeX_JIeLSWs2hUn9GoSciEYff40wXzwhyk7j55lyPzp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRqTPRV37mtaX_Pl-Lhy0UQBCx5oWWjxF-rCU7UbGZsvZjnIc3AlJeX_JIeLSWs2hUn9GoSciEYff40wXzwhyk7j55lyPzp&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

Request Chain 716

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMN5sPYdW-8cI3cA18nDvd4&google_cver=1&google_push=AXcoOmSmbxCArA-I7SWs2LZub5DLg-9JLSpr_6qB8LrbUj2TU6HWkOG1fnJJHPWDz0PhsWgud9JI5KA_B9aKhFAsY-cosfRWqbyiWg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmbxCArA-I7SWs2LZub5DLg-9JLSpr_6qB8LrbUj2TU6HWkOG1fnJJHPWDz0PhsWgud9JI5KA_B9aKhFAsY-cosfRWqbyiWg&google_hm=hmVDCPSD4NwQcUxtlg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D654308F483E0DC10714C6D96BLIS

Request Chain 717

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPOB_M908T5l_JAolZnhnn4&google_cver=1&google_push=AXcoOmTZg1C4dnQp-ATnwBWqMcl8SLHt76EU2RllEptou-XiaXyGvQ2Hm1Q3yOFnF5dOIDCwokTWgBSL7OLNSQUAJVR_yOPh5qLdTg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZg1C4dnQp-ATnwBWqMcl8SLHt76EU2RllEptou-XiaXyGvQ2Hm1Q3yOFnF5dOIDCwokTWgBSL7OLNSQUAJVR_yOPh5qLdTg&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B

Request Chain 719

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmT1FlND5MTbswNKR9jesYfx54uPNZ4s2YfsWw9N9WIBsCPsGpAvlcrCqVycvGRbhn4skwFlFt2O8-n1_-E5Zjnk0cyCrS8xPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmT1FlND5MTbswNKR9jesYfx54uPNZ4s2YfsWw9N9WIBsCPsGpAvlcrCqVycvGRbhn4skwFlFt2O8-n1_-E5Zjnk0cyCrS8xPA

Request Chain 725

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRb8eYkbGupCdO809Y5wVVXjKW8qFqLNgkZprK1fit8UeNbeUVLdfx26AkSvG03Xug69j_KAE645RP91G_rWVWh5MvExfsNaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRb8eYkbGupCdO809Y5wVVXjKW8qFqLNgkZprK1fit8UeNbeUVLdfx26AkSvG03Xug69j_KAE645RP91G_rWVWh5MvExfsNaA

Request Chain 727

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmSwyOVElD4_AJKT5yI2xbcSvct3yxMoYjRLPGEm3DxAwyGjNWLogq4ichkat2shHzxJKZlM3EOm9LDib6z06fkwT7FJ7WhMXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwyOVElD4_AJKT5yI2xbcSvct3yxMoYjRLPGEm3DxAwyGjNWLogq4ichkat2shHzxJKZlM3EOm9LDib6z06fkwT7FJ7WhMXA&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

Request Chain 728

https://d5p.de17a.com/cookies/google?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmSaWnUj8PCCEVpYGT0AEa95jH5s-SVaeTNGR8fcIKlyJW3n0E9fiVcQQDvBPZ4Px0Ej-AkOj4MPJMPRqWRCXEAERIupXfNHWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSaWnUj8PCCEVpYGT0AEa95jH5s-SVaeTNGR8fcIKlyJW3n0E9fiVcQQDvBPZ4Px0Ej-AkOj4MPJMPRqWRCXEAERIupXfNHWw

Request Chain 729

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTihJVL54SjDwVCNQmhsVSpCkpKDOXFhKiQS4ZbOg6YNQdiHvxQIJ3e1mg9pkA66QDlUYBXKGpyNa_zkamiU-FjhjQnhIqP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmTihJVL54SjDwVCNQmhsVSpCkpKDOXFhKiQS4ZbOg6YNQdiHvxQIJ3e1mg9pkA66QDlUYBXKGpyNa_zkamiU-FjhjQnhIqP

Request Chain 731

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJQVQt08_VNjo9d8zWpfd_4&google_cver=1&google_push=AXcoOmSmoOOL6E-KPt8hRH0NlIkVPtz1FKIgE-F-vlK350ko0ZSm6wW3EG9ZjBWpNspXpwdPiJH37pSL2x7jHdEQbk4bxn7CQd3WXQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSmoOOL6E-KPt8hRH0NlIkVPtz1FKIgE-F-vlK350ko0ZSm6wW3EG9ZjBWpNspXpwdPiJH37pSL2x7jHdEQbk4bxn7CQd3WXQ

Request Chain 739

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQ3wNUGf3iYNIyK27atL3ABuWr0kAi7b--1R3tJhTyZMiMMr_uwYNAip2-ZhhB0bJzGtBHQyFbxhxslwCAtUjJkb-YvV4Z_Jg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQ3wNUGf3iYNIyK27atL3ABuWr0kAi7b--1R3tJhTyZMiMMr_uwYNAip2-ZhhB0bJzGtBHQyFbxhxslwCAtUjJkb-YvV4Z_Jg

Request Chain 742

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO-78qtRFlWxhy9vZvibna4&google_cver=1&google_push=AXcoOmSXHtEoQTZpUk6dJ9ha8aeGD1lvzpespCcz6eZTXbDCuaMGSpGa0AQ3NTBgjHVSy-tgCq3KFsULzhL8eaRTLE2tYjSoVbfwNOI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSXHtEoQTZpUk6dJ9ha8aeGD1lvzpespCcz6eZTXbDCuaMGSpGa0AQ3NTBgjHVSy-tgCq3KFsULzhL8eaRTLE2tYjSoVbfwNOI HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 743

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTvxOvX0CXaasxQva-ljzxI8F9gY_BKIM4Gb_084I0FIF1LjS9RwPObU5GEjj0p5r5vDi5sZluiuRTAapHtpDrLy0CpJx2306w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTvxOvX0CXaasxQva-ljzxI8F9gY_BKIM4Gb_084I0FIF1LjS9RwPObU5GEjj0p5r5vDi5sZluiuRTAapHtpDrLy0CpJx2306w

Request Chain 744

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&google_cver=1&google_push=AXcoOmTgE7ViYwfltdTx8SSd-9A9jSCkbgU5Ac-gx_1vXwP7pjHWwhr-JMIJTG6QTICJ6Ks-_8WBwX74bK_5n-rneZHpF0gzHC32HyM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTgE7ViYwfltdTx8SSd-9A9jSCkbgU5Ac-gx_1vXwP7pjHWwhr-JMIJTG6QTICJ6Ks-_8WBwX74bK_5n-rneZHpF0gzHC32HyM&gdpr=${GDPR}

731 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
uploads.jovemnerd.com.br/ 94 KB
20 KB 936ms
7ms Document
text/html 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: http://uploads.jovemnerd.com.br/
Protocol: HTTP/1.1
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: 444a576f1111762fe24ea07fe7acdd672bc13f1f991a64811ae92c9654ab6e0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Nov 2023 02:26:57 GMT
Expires: Fri, 03 Nov 2023 02:26:57 GMT
Link: <https://jovemnerd.com.br/wp-json/>; rel="https://api.w.org/"
Server: Somerset
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 67ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98571-1

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ef294ec532a97878fa14b7eb2e00191c7766b659c08720890a660eaf6afbf51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64805
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:26:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8736974496737360

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fba7e3710de496390723771763719dcd36d60feaf58fda368c9b4385b4700026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Origin: http://uploads.jovemnerd.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51912
x-xss-protection: 0
server: cafe
etag: 1160480960013501073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:26:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 118ms
50ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

793840cc626e5360cf6b7010930af86a10a39fe2feb132e20b2569c2871284d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29893
x-xss-protection: 0
server: cafe
etag: 126 / 19663 / 31079209 / config-hash: 9369610358558058957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:26:57 GMT

GET
H2 200 wpforms-full.min.css
uploads.jovemnerd.com.br/wp-content/plugins/wpforms-lite/assets/css/ 39 KB
6 KB 33ms
14ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.jovemnerd.com.br/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 18:23:57 GMT
server: Somerset
etag: W/"6303c9bd-9be9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 style.css
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/ 268 KB
49 KB 26ms
7ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/style.css?v=9.4.0
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: 9affa55fab58e5a447a7026e1a285f30f0c0a75e677307f52f33ac9d5c6c346c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 13:32:06 GMT
server: Somerset
etag: W/"65030b56-42ff4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 main.min.js Show response
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/js/ 340 KB
102 KB 34ms
14ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/js/main.min.js?v=9.4.0
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: 2aec5466d16e21e45c9c419e1a45bd579e0e99ae503b8a7c150bbc1f1781aca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 17:34:18 GMT
server: Somerset
etag: W/"64d51f9a-551c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 insert-new-ads.js Show response
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/js/app/ad/ 8 KB
2 KB 41ms
22ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/js/app/ad/insert-new-ads.js?v=9.4.0
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: 0742ab5172112400e99c4fa095f4c8d6e7182c6fc7c73ce98829edff677a7b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 20:59:03 GMT
server: Somerset
etag: W/"63979617-2034"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 ma52__ebquw2st5-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 57 KB
57 KB 42ms
23ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ma52__ebquw2st5-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f5cb49fe55ba7aa5778ded61a16997ff2ca4d9d4408a6057e5ed36c74b5f94f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 69897
etag: "1f55ea729bb3a58f98812c1e12db11a8cf5d1d94"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 57950
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 tudo_o_que_rolou_playstation_showcase_v__2x3y2n6q-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 30 KB
31 KB 48ms
30ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/tudo_o_que_rolou_playstation_showcase_v__2x3y2n6q-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 47ca9983c13cabcf926ba237ae839f6371115105e7efd59d78208c6ea32d1a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 44962
etag: "85005d049f1d7f921c6fc25e3f02a23c266d4c7f"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 31174
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 the_flash_participacao__vqns2h5o-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 14 KB
14 KB 12ms
12ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/the_flash_participacao__vqns2h5o-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d11df6f98dd59f641303c583b7082cbbc2bec06906413a46696b1f265dfeeeac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 26298
etag: "10784288c08a117cfc2425cd6235ac7389eba717"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 14384
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 tina_turner_mad_max__simx81h-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 57 KB
57 KB 10ms
10ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/tina_turner_mad_max__simx81h-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c87d03dfc56333929aaa699596acee16cdcfb7ac83eeb31d3a8b57c0bb8e8bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 67707
etag: "415ae44b8eddab2d8aed30f6002d1061c3d26347"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 58322
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 netflix_como_compartilhar_senha_wandinha__mxcwyl05-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 36 KB
36 KB 17ms
5ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/netflix_como_compartilhar_senha_wandinha__mxcwyl05-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 852823b7b3af8889256630a2ef7fb54e88397edead6e0260fe363817bb4a00bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 53357
etag: "4715234c2989971eafff117ca2f454c68310c113"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 37128
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 jogo_do_irmao_do_jorel_preview__fhm0l4b-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 50 KB
50 KB 23ms
9ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/jogo_do_irmao_do_jorel_preview__fhm0l4b-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c52d43b130490aed976a08c7c931f063643dac84202c7907862256f70d15205c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 65627
etag: "a59ad738d430809658de510825dd82e9d18f5b43"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 51346
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 star_trek_o_filme_nova_versao__rvqj90-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2022/09/ 37 KB
38 KB 25ms
10ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2022/09/star_trek_o_filme_nova_versao__rvqj90-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3b9ac11a1715a41e95ae26019753f0a8ae52ad14656d647054c4e70571681329

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 62816
etag: "7741d8a4b57e09dd6ce1d814e3b835d4028697f9"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 38300
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 coreano_kpop_kdrama___bet2kn10-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2022/06/ 49 KB
49 KB 26ms
11ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2022/06/coreano_kpop_kdrama___bet2kn10-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: aef5b16911dc18d752e001631709bb86cba3fc1307916c2e8cbef6f996bbd121

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 50771
etag: "32180b0b5af22b3c7e79552097522c18aa4deb2e"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 50120
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 consoles_capa__2jc1607kp-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2022/04/ 15 KB
15 KB 26ms
12ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2022/04/consoles_capa__2jc1607kp-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7ace0c8d4285602cfa9a553c1d86c003462f8488ecb65d109268970cf04022bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 28982
etag: "e2026d5c6f63c2ffdbe52af6ffac0919203a9443"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 15296
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 template_capa_site_3025x1362_etiqueta_97__ei3rbn5yq-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 73 KB
74 KB 30ms
16ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/template_capa_site_3025x1362_etiqueta_97__ei3rbn5yq-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1b54b70b5efdba080484ba57b3431cd51da51ca59d09f24777294cb5a83bafa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 107444
etag: "030c6875fb0c9d9c9c7383b2b61b2fa1a14b7120"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 75194
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 cdm_107_me_ve_um_doce_do_tamanho_da_minha_cara_cover__04g4tarb-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 89 KB
89 KB 32ms
18ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/cdm_107_me_ve_um_doce_do_tamanho_da_minha_cara_cover__04g4tarb-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a45b7a51c820f8409fd97f0f28f67e754cb384cb11fe82aebaa679a14170158c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 137073
etag: "b68fc82ba9811d15316c5aa5b294f9c7dfb87461"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 91286
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 nc882_envelhecendo__uq9ln4yza-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 84 KB
84 KB 34ms
20ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/nc882_envelhecendo__uq9ln4yza-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a7448fb068ea063062dbfba1473a99f8a49768544789949c50d45eba3fb5dc7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 117448
etag: "3103192b0a183f85fe383725d635a3572de9c536"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 86022
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 vitrine_nos14e20_top10paissolteiros_b_v6__gy253wimf-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 56 KB
56 KB 40ms
27ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/vitrine_nos14e20_top10paissolteiros_b_v6__gy253wimf-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c56389d8522a5ff1456ad40cacc1453e9d1aacc19e51a1dc684afe60b7117f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 83602
etag: "0f655a740cefc3a280ae90b12f93263822646526"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 57168
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 vitrine_np685_citiesskylinespt9_b_v7__57wg08se3-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 59 KB
59 KB 41ms
28ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/vitrine_np685_citiesskylinespt9_b_v7__57wg08se3-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1839b91597c342a4fb450a80cc7bd9414fc31b0ece6e0ac74d4fae85b9dfb787

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 88567
etag: "c2ca565e1271316d6da525a200cc2e24f2313791"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 60214
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 vitrine_srk_161_b_v5__02539yf0s-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 57 KB
57 KB 43ms
30ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/vitrine_srk_161_b_v5__02539yf0s-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: abcde79ebe90d19befe7f2f25bc299f0b6d3cbe62831d44826e71d026c8dfe8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 83450
etag: "23b7ec99202e5f91f0b82930a0a7cad9fe3dbc2d"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 58056
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 vitrine_785_a__3j02vp8b-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 83 KB
84 KB 49ms
36ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/vitrine_785_a__3j02vp8b-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b594e9730508d01fb9d6420ab7474d142234ccb1c5f3da201dcd1f2772cc2494

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 112617
etag: "c91005324953ebe31a878e392ad027be7a41d011"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 85462
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 vitrine_nerdologia_cavaleiros__02g062-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 65 KB
65 KB 50ms
37ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/vitrine_nerdologia_cavaleiros__02g062-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: de3c185e5997c594aebe0fb64ba06a9f608553d58719aea47ddcd09bcc49e42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 98696
etag: "c4f232619cdc896821d82a1b075c543240c6fac8"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 66568
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 marvels_spider_man_2_trailer__cyht31i-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 28 KB
28 KB 60ms
47ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/marvels_spider_man_2_trailer__cyht31i-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 486ea7c1c8c7b29342058343e0aef7890e0720eef098f9adc468599f8e6222a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 42157
etag: "c36b996e1abecc9bb7f65205a6a9356855febdad"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 28200
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 playstation_perifericos__u12545-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 13 KB
13 KB 60ms
48ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/playstation_perifericos__u12545-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 64628281ba1370a8323eb1423e4e3a255cc7d8210aeee6aa4d05aa32111002bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 28767
etag: "a41903bee5bf325d5719eb958b6d7920b50ec4e0"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 13094
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 five_nights_at_freddys_help_wanted_2_e_anunciado_teaser__30kb6t932-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 15 KB
15 KB 61ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/five_nights_at_freddys_help_wanted_2_e_anunciado_teaser__30kb6t932-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b555d97cd73db32a9b70dc22f3196048fed929345916d8ac09566fd049536dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 27331
etag: "7c7cbc39d03585f765091552d8b62f5ab198fabc"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 15158
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 barbie_filme_margot_robbie__0s928b02-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 17 KB
18 KB 62ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/barbie_filme_margot_robbie__0s928b02-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 72d99db5b8dd5e243a6204387e411faa73f4c793b83b848ee99f1bdf3d432e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 31636
etag: "c515f30d65498d3df6aa00803896dce7877cbebe"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 17894
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 star_wars_jedi_survivor_review__3h7u25g-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/04/ 23 KB
23 KB 62ms
50ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/04/star_wars_jedi_survivor_review__3h7u25g-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: bec590a08d2dadeb5a2780ca2dbcd6165ac3dc26449f360ad4f660bb6f17824c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 36639
etag: "ebbde6d26cd4be89ea5fe9825d15683c52b96abd"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 23818
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 dragons_dogma_2_trailer__g29hqk425-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 13 KB
14 KB 62ms
50ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/dragons_dogma_2_trailer__g29hqk425-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c1e4ef9b55d1d9f59caf3c07cca800d0e1f5f9e0b20b5e98a70ce09e83401686

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 33464
etag: "83ffc7be82c243afc1eb66567126a3ac4cdf9ec8"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 13698
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 king_kong_animacao__20i0v9b2-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 14 KB
15 KB 62ms
51ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/king_kong_animacao__20i0v9b2-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a230d091756111e3e5997fea9350a835e439e10d64b247611dfda813dc9e3bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 30676
etag: "750ca6c6102c8299f92f4846f852296e62caac80"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 14740
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 ffxvi_playstatin_showcase_trailer__zm82j3-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 12 KB
13 KB 63ms
52ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ffxvi_playstatin_showcase_trailer__zm82j3-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: bd9c71029ac6d5dc50b1c6821afac3eb026eb1cd9669cfbdcf03ad131bda4f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 23976
etag: "38d0c50676dace50393f90c78fd8937690f7c44c"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 12664
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 assassins_creed_mirage_data_de_lancamento__jixfew-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 26 KB
26 KB 63ms
52ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/assassins_creed_mirage_data_de_lancamento__jixfew-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 85e8d1af0074da8d8770cd722ad2ab3e8e8835eeaf8f6947f4c68fdcb81322fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 39773
etag: "e35fe254492d319df9a3a047ef71bb19dd53356c"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 26896
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 alan_wake_2__tsn5crz4-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 13 KB
13 KB 68ms
58ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/alan_wake_2__tsn5crz4-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: e8dbfcc18a4a30652c37b9c3125419c0332ceb10fcbca22484ae97588eb569aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 30241
etag: "04ce38028601dcbb1cde9d9b1f3eb7a8bbc9a1c3"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 13066
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 metal_gear_solid_snake_eater_remake__4wi2v900-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 9 KB
9 KB 74ms
64ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/metal_gear_solid_snake_eater_remake__4wi2v900-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b437ba02e7fa2f4f63f722fdb472b207dcfd73ce195558790bd4b4b956c1faea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 22494
etag: "cb0973dfb350e7651c960039062e7317b057ca34"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 8774
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 sword_of_the_sea_jogo_do_estudio_de_abzu_e_anunciado__gv2035bqc-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 9 KB
9 KB 75ms
65ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/sword_of_the_sea_jogo_do_estudio_de_abzu_e_anunciado__gv2035bqc-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 359cccf07b0002d9ab019f89d49712716882ffbe0b56bfa835f5a305069ed13e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 18312
etag: "a4a20ef3dcd356f21ea68de544c1f749065841c4"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 8712
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 fairgames__m46e2j-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 12 KB
12 KB 75ms
65ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/fairgames__m46e2j-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 03dff9f7e28610d42451f69253234f09df0199d2518ab586a1d413132703613a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 29299
etag: "b033c0ce5534d8a4a41cbc0b654e248460d275a1"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 12416
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 graphic_msp_monica_coragem__o0irj5b0u-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/04/ 33 KB
33 KB 76ms
66ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/04/graphic_msp_monica_coragem__o0irj5b0u-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 594601467b6f9391f7ce920068afa693f7dd865f99144a1c05d3ce20a03c1e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 60812
etag: "e18378321d0fac01d9c549f46ac8e62314532661"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 33692
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 the_last_of_us_coluna__10hrk3682-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/03/ 26 KB
27 KB 76ms
67ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/03/the_last_of_us_coluna__10hrk3682-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f24b8b5aa1af942584a8d652d84ffcac663c3c218d6523c7ab4d1cbbe1ffab83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 40385
etag: "a0a9c5c45e6664a71ca50b55b2261293aae3ba9a"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 27090
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 monstro_capa_1__k82h2xe5-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/02/ 47 KB
47 KB 77ms
68ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/02/monstro_capa_1__k82h2xe5-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1f822d21a58289d261181e07e4d6d142ee7993259b2f5ccbdb21b160cbcc40fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 73640
etag: "2236e283d51f57fce4593fb9705b1d7fae4657b4"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 47968
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 the_witcher_estreia_netflix__4q99jm8l-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 54 KB
54 KB 77ms
68ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/the_witcher_estreia_netflix__4q99jm8l-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ea2e043cdf6c48c82abc85edadfa7d36c0c9ec1e419045b0a5097ed99c09dffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 63689
etag: "4d88af74c89f4b6a8713b7fd1a6abd0ad847e0db"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 54806
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 heartstopper_2_nick_charlie__8mzbk0-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 36 KB
36 KB 78ms
69ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/heartstopper_2_nick_charlie__8mzbk0-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d69d31312f38eb031f175b97d54e5e36fa7924c3cbd310f87df5517682df120d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 67347
etag: "b8465a66925e6424c97cc103c7ce8e2ed035d02c"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 36990
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 total_war_pharaoh__1c092afqu-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 70 KB
70 KB 79ms
70ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/total_war_pharaoh__1c092afqu-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 978a3465c90255427186a1451c879ae27966862dc43f16a800de9268ac93fa9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 89599
etag: "72be5cb6f40bce1b4f20afb3be81989d75db0f35"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 71756
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 a_roda_do_tempo_temporada_2__2v2y2za61-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 19 KB
19 KB 83ms
75ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/a_roda_do_tempo_temporada_2__2v2y2za61-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 907e5ac2db6e5abaaba645ca0008e03a2b1852782bb0d614217212315493c14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 33190
etag: "eb542048d63b6096f77ed58a2d0282e28432a5b8"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 19200
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 jonathan_majors_kang_loki__02363c9e-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 36 KB
36 KB 84ms
75ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/jonathan_majors_kang_loki__02363c9e-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1f6f0b50d1257fe9524adef597c812102814062c5037f75c796c013e7f4b5ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 51427
etag: "4432f4a3b27ed5baf27553e10e9138a2bafca8aa"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 36356
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 the_flash_colecionavel__b5o2qsre-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 27 KB
27 KB 85ms
77ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/the_flash_colecionavel__b5o2qsre-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1baa480e68f462ca11df407d0a753f4341e51f836133a24af059fd7c8642b117

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 42998
etag: "e0d3a90e1b6b153a37070f65c340c8fb49af8f04"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 27570
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 convergence__142wpf22-448x644.jpeg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 58 KB
58 KB 86ms
78ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/convergence__142wpf22-448x644.jpeg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a76da4f4a586693a9c34ac90e60747e32d2c69a1717edac770b4e42acb09824c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 67756
etag: "5217d2435bf3827ffb48b43b58b3edb2b3d08243"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 59486
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 velozes_e_furiosos_10_cartaz__563ipz1-448x644.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 61 KB
61 KB 90ms
82ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/velozes_e_furiosos_10_cartaz__563ipz1-448x644.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7d268abdffbdb45abbd463962c5f989ab057c2bb2890a60cfc421e0cfffca647

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 68105
etag: "06b17501658f35df0f041b56465840fe952a6cfb"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 62478
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 black_knight_cartaz__26r87fn-448x644.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 34 KB
34 KB 94ms
86ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/black_knight_cartaz__26r87fn-448x644.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 9eb08588f97f4d99915129647b880a30b0e5a6d368897cb5341352bc5de5a05c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 49000
etag: "4b8f2c090abbbcb5bb63bcf4fcd9cd83e97d171b"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 34564
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 zelda_capa__25y0inm3-448x644.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 49 KB
49 KB 95ms
87ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/zelda_capa__25y0inm3-448x644.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ee168108c3a3d6a39d5813d5cf029b32872742a997def2a19cc4cc6406437239

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 59431
etag: "c4786592191e715b8d3a38bbd046dd9294782157"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 50376
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 redfall_review_poster__rno060f9-448x644.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 51 KB
51 KB 97ms
90ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/redfall_review_poster__rno060f9-448x644.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c3ac282a5416e7feb08d64d845df20e3e97d978c37b6ca1f5f95df911ec4ab7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 83264
etag: "c69a83e624ac785606f15f8147c3886080547616"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 51974
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 rust_alec_baldwin__326vfn0_1210x544__1qof7e-760x428.webp
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 34 KB
34 KB 100ms
93ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/rust_alec_baldwin__326vfn0_1210x544__1qof7e-760x428.webp
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: ab3f02bcd49e1758c4aa657ee9ef5afd122c6748cc9fb01bf4816e680d353c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
last-modified: Wed, 24 May 2023 14:32:34 GMT
server: Somerset
etag: "646e2002-8758"
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
content-length: 34648
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 the_idol__3ys2pgh-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 45 KB
45 KB 101ms
94ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/the_idol__3ys2pgh-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d410b4f1e82575114cc4140f64a0258ec8e16b4530d638bf1c4a77c5c566f24c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 75920
etag: "16ba6fea509ec4969472c095e864e7604371279b"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 46222
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 playstation_showcase__2fs313j-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 28 KB
28 KB 104ms
97ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/playstation_showcase__2fs313j-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 187e45f7e3b6fc724eef38f521fe9cfb03df474846d2d51e2b5159869c571649

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 61092
etag: "13b1e00ca8254a0dc4a5e3db7b666300531735b6"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 28576
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 lisa_aranhaverso__12rf8sp50-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 36 KB
36 KB 104ms
98ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/lisa_aranhaverso__12rf8sp50-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: dd194850b6d734c99aaaf94bcf194b69222c45966079669f493efa35d690036e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 73086
etag: "016d29b0f416b2aa96be84fc161c35d0400a1be9"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 37092
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 the_flash_trailer_final__86hw20-760x428.jpg
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 20 KB
20 KB 107ms
100ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/the_flash_trailer_final__86hw20-760x428.jpg
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 03f326a65bf8ae174dc32775ddfa5cc8b04e321a9775320b5b3f6660b86a4ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 33603
etag: "ad75ecb52c39e9642777db4f8acf778e3d71fdf5"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 20106
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 appstore.png
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ 2 KB
2 KB 107ms
101ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/appstore.png
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: e355e5226f5e72115b0fa613353cfc67ad4e3f258abcebc25280c3e5fc04db78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 4084
etag: "4b0c0cea128fc374c273b606d32a39d19a993c16"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 1870
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 playstore.png
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ 2 KB
2 KB 107ms
101ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/playstore.png
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 29664cfe791ce4b14d4a94be833a1cac6ad064bd0f44e8a716f1d611bb7304f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 5831
etag: "c4b0cc405d112249d931441b14617374865b14f1"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 2126
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 luizalabs.png
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ 5 KB
5 KB 107ms
101ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/luizalabs.png
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 05a74a234f84eb6d21bc3c9e33182fa4175a392b4f903f47ce12fe86dde93211

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 12635
etag: "c0787f8ef8203473ea432a7a235c2ac519cc5c88"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 4776
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 ssg-intervention-2.png
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ 53 KB
54 KB 108ms
102ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ssg-intervention-2.png
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b108983e2a8c54f38d23ca6462f4e4e2bbc5cf077c8e5a884e2efede6b4aaea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 656322
etag: "b72a0cfcce554b02be2588e49f658f2ea27862d7"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 54646
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
59 KB 37ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MMGB42L

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcd48504086c62ab36271eb1572354063c09617b14998f834f39c7ad9a77bb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60223
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:26:57 GMT

GET
H2 200 wp-emoji-release.min.js Show response
jovemnerd.com.br/wp-includes/js/ 18 KB
5 KB 101ms
8ms Script
application/javascript 2600:9000:2644:5000:10:4d98:7a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jovemnerd.com.br/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5000:10:4d98:7a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Somerset /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 02:28:51 GMT
content-encoding: gzip
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 11:52:30 GMT
server: Somerset
x-amz-cf-pop: FRA60-P6
age: 86286
etag: W/"62c5777e-48b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hv14T9Na6QFh9evdyho7gUUfk5Ecd1N17sqyiN9bN1fgPy_qHwUzJQ==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 logo-jovemnerd.png
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ 6 KB
6 KB 107ms
104ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/logo-jovemnerd.png
Requested by: Host: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/style.css?v=9.4.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 91086596ff182a1d7f5bcd32d5ba5dded40756cfcf74552f5da1b03d9aed3460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/style.css?v=9.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 11461
etag: "b1f613042b2af787957621e6b40f02d4361552a8"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 5796
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 logo-nerdbunker.svg
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/ 54 KB
23 KB 107ms
105ms Image
image/svg+xml 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/images/logo-nerdbunker.svg
Requested by: Host: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/style.css?v=9.4.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Somerset /
Resource Hash: a3a95bebbeaf2e36b281cc29f078385fee29e11d9e99ae98cda8057e659419b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/style.css?v=9.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 16:08:59 GMT
server: Somerset
etag: W/"6388d19b-d7b6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET
H2 200 bg_intel_geek__0gs2pn.png
uploads.jovemnerd.com.br/wp-content/uploads/2023/05/ 36 KB
36 KB 108ms
107ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.jovemnerd.com.br/wp-content/uploads/2023/05/bg_intel_geek__0gs2pn.png
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3b467ae82504fcf95b465da7b140d74e9f89e4052b6565e0b65653aa4f9d7ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
server: Azion IMS
x-original-image-size: 202834
etag: "483a05241a761b5159c3ee074c3bc16f1df56e82"
vary: Accept
content-type: image/webp
x-ims: Enabled
cache-control: max-age=86400
content-length: 36712
expires: Fri, 03 Nov 2023 02:26:57 GMT

GET Inter-Regular.woff2
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET Inter-Medium.woff2
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET Inter-MediumItalic.woff2
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET Inter-Bold.woff2
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET icomoon.ttf
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/ 0
0

GET Inter-Regular.woff
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET Inter-Bold.woff
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET Inter-MediumItalic.woff
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET icomoon.woff
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/ 0
0

GET Inter-Medium.woff
uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/ 399 KB
135 KB 80ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8736974496737360&plah=uploads.jovemnerd.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8736974496737360

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9c5a10f403583586ea224d6cfdfd64e1b255ad5798f32a908abe23535fd8fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138234
x-xss-protection: 0
server: cafe
etag: 6159926725120382929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:26:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame BF67 10 KB
5 KB 107ms
25ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8736974496737360

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 13:52:28 GMT
etag: 251720774729838433
expires: Wed, 15 Nov 2023 13:52:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98571-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 01:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2125
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 Nov 2023 03:51:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E05ZNEGCY2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98571-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd217e0cbf31d26882a8da025ca170bfe5f15986f0546806b449276fa38221f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Nov 2023 02:26:57 GMT

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 661ms
215ms Image
image/png 52.95.164.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=a3c3a39af4fd5fa582f2cfd8de90ad39&x-r=&x-s=http://uploads.jovemnerd.com.br/
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.164.120 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:26:59 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: 2V905XHZBMHNWN2J
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: 4OAEFqeQxfhDdkUOVulFbE+QUZR9HMpduNvmZismwW+aJWg5+F8IXODAa1TACYER5Ib1NcbfMrQ=

GET
H2 200 1f443.svg
s.w.org/images/core/emoji/14.0.0/svg/ 976 B
1 KB 42ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f443.svg

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

c19afe0f18a097f540fb8c4192129a0174161afd9589965020b8135caf959710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 02 Nov 2023 02:26:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 976
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f339.svg
s.w.org/images/core/emoji/14.0.0/svg/ 905 B
1 KB 42ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f339.svg

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 02 Nov 2023 02:26:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 905
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/ 420 KB
132 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 10:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58004
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135100
x-xss-protection: 0
server: cafe
etag: 11278338207436733902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Oct 2024 10:20:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
151 B 24ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1560177745&t=pageview&_s=1&dl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ul=en-us&de=UTF-8&dt=Jovem%20Nerd%20-%20Not%C3%ADcias%20sobre%20filmes%2C%20s%C3%A9ries%2C%20HQs%2C%20games%2C%20animes%2C%20ci%C3%AAncia%2C%20tecnologia%20e%20humor%2C%20porque%20rir%20n%C3%A3o%20faz%20mal%20a%20ningu%C3%A9m!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=349496847&gjid=756198090&cid=898812799.1698892018&tid=UA-98571-1&_gid=1103119683.1698892018&_r=1&gtm=457e3au1&gcd=11l1l1l1l1&jsscut=1&z=1677308213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://uploads.jovemnerd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uploads.jovemnerd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 14ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1560177745&t=event&_s=2&dl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ul=en-us&de=UTF-8&dt=Jovem%20Nerd%20-%20Not%C3%ADcias%20sobre%20filmes%2C%20s%C3%A9ries%2C%20HQs%2C%20games%2C%20animes%2C%20ci%C3%AAncia%2C%20tecnologia%20e%20humor%2C%20porque%20rir%20n%C3%A3o%20faz%20mal%20a%20ningu%C3%A9m!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BG%20Banner%20AD&ea=impression&el=Intel%20Dia%20da%20Toalha&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=898812799.1698892018&tid=UA-98571-1&_gid=1103119683.1698892018&gtm=457e3au1&gcd=11l1l1l1l1&jsscut=1&z=321098872

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 09:23:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 57ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E05ZNEGCY2&gtm=45je3au1v9105768570&_p=1560177745&_gaz=1&gcd=11l1l1l1l1&cid=898812799.1698892018&ul=en-us&sr=1600x1200&_s=1&sid=1698892017&sct=1&seg=0&dl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&dt=Jovem%20Nerd%20-%20Not%C3%ADcias%20sobre%20filmes%2C%20s%C3%A9ries%2C%20HQs%2C%20games%2C%20animes%2C%20ci%C3%AAncia%2C%20tecnologia%20e%20humor%2C%20porque%20rir%20n%C3%A3o%20faz%20mal%20a%20ningu%C3%A9m!&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E05ZNEGCY2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uploads.jovemnerd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 67ms
20ms Ping
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E05ZNEGCY2&cid=898812799.1698892018&gtm=45je3au1v9105768570&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E05ZNEGCY2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uploads.jovemnerd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 66ms
28ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E05ZNEGCY2&cid=898812799.1698892018&gtm=45je3au1v9105768570&aip=1&z=1584851538

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
609 B 61ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=uploads.jovemnerd.com.br&callback=_gfp_s_&client=ca-pub-8736974496737360

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8736974496737360&plah=uploads.jovemnerd.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a38affbcb9c4e4b756957ee998b19191738de97f091a0fba1ea6077c37d0ebc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3EE1 0
188 B 142ms
140ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8736974496737360&output=html&adk=1812271804&adf=3025194257&lmt=1698888417&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698892017655&bpp=3&bdt=214&idt=175&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5146471950288&frm=20&pv=2&ga_vid=898812799.1698892018&ga_sid=1698892018&ga_hid=1560177745&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078020%2C31079190%2C31079406%2C42532334%2C44805934%2C44807048%2C44807463%2C31078297&oid=2&pvsid=4027763832637265&tmod=2050395450&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=203

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:57 GMT
expires: Thu, 02 Nov 2023 02:26:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-98571-1&cid=898812799.1698892018&jid=349496847&gjid=756198090&_gid=1103119683.1698892018&_u=YEBAAUAAAAAAACAAI~&z=744511787

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://uploads.jovemnerd.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Nov 2023 02:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uploads.jovemnerd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 85ms
25ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98571-1&cid=898812799.1698892018&jid=349496847&_u=YEBAAUAAAAAAACAAI~&z=282190115

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 26ms
25ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-98571-1&cid=898812799.1698892018&jid=349496847&_u=YEBAAUAAAAAAACAAI~&z=282190115

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 34ms
32ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231031&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407639df0ffaa2baf7b5febb8a5ca94bb23d37d80960e8643b98fdc9981607e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12178
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 98ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:26:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5425 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 20:21:54 GMT
expires: Thu, 31 Oct 2024 20:21:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B92A 829 B
995 B 36ms
35ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29730315cdd4949c09e77f318112d604b26c50a61df252e6eef9fe767bfdd486

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LmedxAteiQmnNzM9aJUO5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LmedxAteiQmnNzM9aJUO5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:58 GMT
expires: Thu, 02 Nov 2023 02:26:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5425 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B92A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231031&jk=4027763832637265&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5425 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lUeuXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 MB
288 KB 606ms
606ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4027763832637265&correlator=998291734311133&eid=44807409%2C31079209&output=ldjh&gdfp_req=1&vrg=202310250101&ptt=17&impl=fifs&iu_parts=21803899378%2Cjn_header_super%2Cjn_content_arroba%2Cjn_sidebar_halfpage%2Cjn_inferior%2Cjn_featured_super%2Cjn_fixed_super&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5%2C%2F0%2F5%2C%2F0%2F5%2C%2F0%2F5%2C%2F0%2F5%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=1200x250%7C970x250%7C970x90%7C728x90%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%7C300x600%7C160x600%7C120x600%2C1200x250%7C970x250%7C970x90%7C728x90%2C1200x250%7C970x250%7C970x90%7C728x90%2C1200x250%7C970x250%7C970x90%7C728x90%2C728x90%7C300x250%2C728x90%7C300x250%2C728x90%7C300x250%2C728x90%7C300x250%2C728x90%7C300x250%2C728x90%7C300x250%2C728x90%7C300x250%2C970x90%7C728x90&ifi=2&didk=693092532~2685673398~2685673399~2685673392~2685673393~2276600629~2276600630~2642123482~2642123483~2642123460~1823021240~1823021241~1823021222~1823021223~1823021220~1823021221~1823021218~3591182514&sfv=1-0-40&eri=1&sc=0&cookie=ID%3D1a5d2bd70d94c965-22da8aea22e300d8%3AT%3D1698892017%3ART%3D1698892017%3AS%3DALNI_MZrWdQW5g2f3vileHmHLiJiKKSCTA&gpic=UID%3D00000cb10c1af8fc%3AT%3D1698892017%3ART%3D1698892017%3AS%3DALNI_MbOnnJikV9R1JBguT-Hc8ygPr4SSQ&abxe=1&dt=1698892018924&lmt=1698888418&adxs=199%2C1023%2C1009%2C1009%2C1009%2C1009%2C1009%2C199%2C199%2C199%2C211%2C211%2C211%2C211%2C211%2C211%2C211%2C800&adys=568%2C1083%2C2426%2C4675%2C5866%2C7014%2C9962%2C2378%2C6966%2C9914%2C3524%2C5225%2C6317%2C8112%2C9204%2C11060%2C12151%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&vis=1&psz=1202x30%7C378x669%7C380x3488%7C380x3488%7C380x3488%7C380x48%7C380x48%7C1202x48%7C1202x48%7C1202x48%7C774x3884%7C774x3884%7C774x3884%7C774x2237%7C774x2237%7C774x2287%7C774x2287%7C0x-1&msz=1202x30%7C378x48%7C380x48%7C380x48%7C380x48%7C380x48%7C380x48%7C1202x48%7C1202x48%7C1202x48%7C774x48%7C774x48%7C774x48%7C774x48%7C774x48%7C774x48%7C774x48%7C0x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=898812799.1698892018&ga_sid=1698892018&ga_hid=1560177745&ga_fc=true&dlt=1698892017441&idt=452&adks=784015007%2C3134851443%2C3134851442%2C3134851441%2C3134851440%2C1000450424%2C1000450431%2C2523089005%2C2523088994%2C2523088995%2C3609093530%2C3609093531%2C3609093508%2C3609093509%2C3609093510%2C3609093511%2C3609093504%2C2894485229&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe513530bd8e632ebc936d1d808f02b5df9c6f4f766c547d12bc75304e39dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294834
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://uploads.jovemnerd.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 86A4 6 KB
3 KB 125ms
25ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231031&jk=4027763832637265&bg=!cHOlczzNAAbo5yKYyOc7ADQBe5WfOCertnsWWYr10RSeO8WW_DmQ2ksDMpv1HTvViTFJ69VdfXhdutC-ah8ZwuMbZkDVAgAAAF1SAAAAEmgBB5kCwfYOEax1vFffo_VOc8Awbz4nU40y_oOjnjgy6eEU7Zg3A50Ii1WTtlxbV0H_rYZfKMtC9JFezgtL2-TJa4QM8uZT3FS45ZbdpO7-N7we60MsYp59Lmt7rmCvdGgbeN0ds3CjATZJx9m03JhMFX3_s0IkV26_V2WIPhXa8KsGIxxvtLULpDZYfBuo_dSl-IJYxetvh8mXuv2Dl-Sb2nFTMveQNi7UD0oj6AIPSz9Etmdza63Klz0s8Xc9yunX1wE3dt3uBVjpcTJhd80jIB8Nkc_FNgButrVr5uNcgvhRNZmfkpNHaZ5FhT7ChHtPMaS84vCk_UFo8PqAOreu35lIycyPWXB_XFqnjUhlrC-YwOcjcA4kQ1-181lNFJKCIr5R_Ojr56ExLdPI_ymPUgyl3Fk7ulLovDXNzrgQip8kv2LeIYe4jtnahIPKwku7XeFZ-nMo5BG_ww6U-2C4PuwdD0eOHu2ybOJutnRnqxFpHOYBRCbPG0XNyuyAgwwBzkZ7aXuqU_U4sE1x31N2QeD4ZkZNmeNxCToSmKhXuiZMG6KJigMrWuhdyLikyUVgezPXF_NbdQbibE-9VEaXwfsOwkdDsJm79gJRkQFjPzmtwSvS2EhK3l3WyrVffhY7nlXAdgIOXEmME1X3A_dCkfrKp6BgPVApO9iV5F1st-VI-h3o2xcCC0ciPT3NWUBYCmwJVmmSmAWNCJ1J6GI6Yu5ZEnjmO95Dq4CzyvmbGOHJa1lczwl26OYVEVmesGuLaUsQ8OvSxr9osdL7NMOUX9sw9eJ5IPnCqwZwLkRaUt7PKz0ujMLIeLiBd2WpP0tmATcGvaTADiqS8lsZ7SASefYM7m2TyP6MMExDwvvfS8bb8t_ivrvItz4RKsVDCLCrIu1w8yXypxY0DK3EY1XOKq3TcUhiRzjYbZR9KdFe4PTvbQOswA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9798 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2451 6 KB
3 KB 16ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F16 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 788F 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2EC6 6 KB
3 KB 16ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A407 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B91B 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5410 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6150 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8621 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DB6A 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A60 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 397E 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5FB 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E02D 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A20 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E2C 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 699C 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310250101/pubads_impl.js?cb=31079209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uploads.jovemnerd.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
expires: Fri, 01 Nov 2024 02:26:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5997 624 B
242 B 28ms
27ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGMH_gvwBMAE&v=APEucNX2C_qG6olXH3TN0ZxSdfgpi1oZnmxLrHN0f4VMjwv5ybFyMrwN6vzdPQ-V93OosjVZeUVzupPaegTONBff95XGhQeYKFBbt4T5c_kjfS4OOwSBhM-TV8IjnZVMXkNZddbK9GPPreSMM_DjjjQtsvnSJCPgTz9dTiKJqZfHWPBmU_1kSWQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9798 89 KB
31 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:26:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9798 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDXMB526qtzZQaDSZBMuQrtOWsdIHxmPkUKoSwdx-J-vYARayH2mMTuePB8hiZeTf__OUSiqs489KsLH3tKQwTMV3KWRUs75qB5qPyiuvZ3_612oI

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9798 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5587733504146025451&x=1&ct=119

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 9798 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 9798 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9798 0
0 22ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTywBRRN8egWE9h9hDDs1hkl2um4fC7nuvft-lfmn1qCsupPlSwIMhdzV7nAw-xrCbUq5mWvB_o-LljOQ5sKSLOBWszIA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9798 189 KB
60 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:26:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C586 640 B
262 B 30ms
29ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUX_wc_ZkQk6bhv5fB40Hh8ApmILlhN8DjAxvAbPGabZVrywGf0853imZdbjczDDcyD9gZi6xUv8obqlA1jf1r8TVaS057CWS06W4jPXRNmS2RZ0-pWMxQgYkbjAO6OxWpeK7Bd21vCDG63dWyrsw1tjXDW01n17jTK4HcF_D86c5_QpGA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:26:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2451 172 KB
61 KB 68ms
17ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 2451 7 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 2451 23 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2451 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 2451 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 868D 1 KB
643 B 17ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 2451 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2451 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxOrwIPlt95nwDdJdyv03YIVn9A70HJKPsU45XPkri1It-_wWS_85JpMEfnzEpOWzE0XsivqmakV0c5B6-iNqAJNEMRcyHmbPqjMmRvPn15Yc0_4w

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2451 0
0 23ms
22ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdSje5B38c7z11Iem7AKTh759J_Ko72bBZgx89NZ-C5j3XR30HrMCy-ZN4U-DT5s1vkKglYXcFSwM0-UKRjroXeDHUjg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2451 189 KB
59 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:26:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 15A0 466 B
235 B 44ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUmKsYaKNKrd58d60kZ-gVmn4sc_tECs1yXbYEhwJ6Zivswqld4CnLMOytTVSBDXjSnRkSID0D1kVilE-UNMJoMu4h81JU59RZX1RSIyPoM_TBWKuHWIF5aH-iVyxwuHxOpDNLqccy9bIvFij2QYLmoyQgKjO93sJhCCFYe6Rwh7hPXbHk

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1F16 172 KB
60 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 1F16 7 KB
3 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 1F16 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F16 41 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 1F16 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 88B9 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 1F16 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F16 42 B
63 B 56ms
52ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQ2DfHHl48yfB0eHPMxtJK2Qb_eVcnzVMKA0Yy6YcKyTcgoC-Q830FOvGVmVxk0-vWEYKzuukJXZx0xHNARKt-brHF8euQJxpGRCD7NSV84UD6XkM

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1F16 0
0 34ms
27ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhVYfXlQnGNPPGjEgMHgZKrU3VgXUiowCqjnWVX0mcx5_6TDbuuuB_fTvCL8_V3TxmauX2SJG-P-U6Hv7C0EJzYuCXLA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F16 189 KB
59 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1E84 398 B
222 B 36ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNWFhrg1yttX55UkNz3JlSGEaH7DrWZ5zVLlK-mS3xcvA1qUe1VdKWvmpyu8IwvjBPL7RuQ5gtcIiIya1Yyh-J7Jy1yy_qHsLKr5QCJhSueS5JURCBmuERTlsub5j5V1dW82b2QLdzLGWJ1fK67P5BfkwevepcjwRUtQWI9tY15gIiNbSV8

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 788F 172 KB
60 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 788F 7 KB
3 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 788F 23 KB
9 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 788F 41 KB
14 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 788F 3 KB
1 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 74DD 1 KB
643 B 29ms
18ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 788F 20 KB
8 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 788F 42 B
63 B 67ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CByeRqUw6p_yLQXh7hSlAXjcLuhCnNijGXv6OXBPrnG1qI68FCqS7XUs8v7bLmROjA7nnjShKYi74wVtYd-LGvGBPlfwsfAWgiG9UxaVG_sUydeOQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 788F 0
0 40ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrRoAxZ5zQSMWlq-IcmC_hlAv6UkJaJ-WeZqmSN9cHEgwCF7DdeZNTCa71yTPrZzwbidI9lX2ZtuuvJuAcvIs1pSMr5A
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 788F 189 KB
59 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 58C6 0
16 B 34ms
30ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUkWX_hQQA23O3kf09HipR_Ma84x3YRsUngPeidJ4C10iocpR4LfZJg8DUcz-4_5wxtNZ-UtQUSzjsw6jQAdgrPFCdU7b6_AHxTyLX6WEIlC59uS_kXL7oFC5XRnykWaDysN-f8swVKZnazPEA0gZB5IoFvcFl6OY8-YiquV9HzXqiDIV8

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2EC6 172 KB
60 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 2EC6 7 KB
3 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 2EC6 23 KB
9 KB 29ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EC6 41 KB
14 KB 30ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 2EC6 3 KB
1 KB 30ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CFF6 1 KB
643 B 26ms
17ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 2EC6 20 KB
8 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EC6 42 B
63 B 73ms
64ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdvCQKCRh-rxsdHxkVaUSoVXrO3BrDk81GftQRr5xcmLyCLOhHp2qhWJ7zdeqxePz6ezhYyPmsuptSueTRe5nIWPB4PTDeEZBRcRUCdhjqoB9i7RE

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2EC6 0
0 39ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4crnukS31-0-0eCaUhFgGT4L55axoxAn_TpN3JxV_ZoTp67R-Wr_Wv8qG4B4J6HSFU2DfK2XlXAe7kb7k2E2HtQso_w
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EC6 189 KB
59 KB 44ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DD4F 0
16 B 43ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi3y7P8ATAB&v=APEucNXTQP9WQxFS847OQRKYfeSREpZyLsFQCCGFUlxYL73V4NoxRSF7GxS9KGctp8n8al2jPukethxe32o58IvfUDVZOqjhuezYITELJH1jA9qPiU7Fmy5aKoimCh0jEHpmsVSPaCncWkXewjMuF4zgyLMdlhaaHPWVrDuCxGRgy4i3eYG0lyg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A407 172 KB
60 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame A407 7 KB
3 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame A407 23 KB
9 KB 31ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A407 41 KB
14 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame A407 3 KB
1 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B007 1 KB
643 B 32ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame A407 20 KB
8 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A407 42 B
63 B 69ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Avwqq_yBLhWT_4I3vfXTiL3Xpm6Fl8Q2jfgBPeUiISsLrvGbx29lUfXBGwCJNIIC9SG5gLhqDx9vn-RoYGE8_je_Knx8hZVFDtwtxEqBjbjnRfsZo

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A407 0
0 50ms
37ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaQV2LtgwI9eMoywAcsLC64Gb5hfg1BVXn-gCXz8ThBwpQCNh6_xc7-uKDEC1AlkjLwHviU3esKzC5hf7c9q0wX73iJg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A407 189 KB
59 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D049 0
16 B 54ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi3y7P8ATAB&v=APEucNXdnppcDQFrUivC2RUw4tQxPzdioI94XLKjS6SFkr2Tvnvyjel42thp9h09WVLQACgoCU518PpdTc_3VejD7koOYTpnbBTizstLs-RGl0bzxVNfcTwtHesBcfKgbB_bqODLOy8YE2XkkjVBH5Z61uyLesQJb7rgw9dgspaXvpRUc2e8V94

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B91B 172 KB
60 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame B91B 7 KB
3 KB 40ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame B91B 23 KB
9 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B91B 41 KB
14 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame B91B 3 KB
1 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FE9B 1 KB
643 B 43ms
21ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame B91B 20 KB
8 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B91B 42 B
63 B 75ms
60ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AiP89wbJJJIezvkT1j_cbV4P_I44YMxaz0mGzxm7Zk8-BriLn1UB2wSfaInbJbF3gmrnm4c3axukIsZlcO6GK-10xxsE5aOOmc0pYrJxaHklSivJM

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B91B 0
0 52ms
27ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUdEfLQZxXX_n4PullOwWGZ3Da3x9Fc_SXhdCj2jShgWTnkibzxCeaZ46R8cBY0AL9iO0bIcr8hc1CW5RAREbG3xEc4A
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B91B 189 KB
59 KB 97ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D94A 0
16 B 65ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZzrP8ATAB&v=APEucNVl7lFZMIN-suNKqpE4-LIARwdc5j74kvaIOwsTdEvccBr9dmGevq8NVi4cmjb51WHfcW722IEPP2jrIy-rkmvItCj0tpaGHmFi-veQYBla6YKk9srWFmCzI0XDE--nsTxtwZzVTruuodlgJ1aBN4DrdKvPSgFdMB7cM1Pv-c8GgeX12yA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5410 172 KB
60 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 5410 7 KB
3 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 5410 23 KB
9 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5410 41 KB
14 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 5410 3 KB
1 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5D64 1 KB
643 B 40ms
20ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 5410 20 KB
8 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5410 42 B
63 B 77ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdUYDjHo3q2pk0xehg5dPktxu-9gNBYGm_Az9f2wKQQPq3-DK_3H5abVFSNMoQlt_y3avHkNA7ezzvmo_a0Z-l2BREfdTABastAr7Gh6xGp38ORTc

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5410 0
0 60ms
39ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtVe79T6cqNNCn0sv7Nxy_rPnm9v1btAkrw3-Lb7eZmIKB-zpH1UCWWs2_m2Y81LI8T57FBNOldrG9kPCFy96jUyS_YA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5410 189 KB
59 KB 89ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 6150 90 KB
36 KB 637ms
32ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d2ce3a8f6950317dfba6c4b16cb7bc2d4510ead5acadb382f135cb7564cfdf4f

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
last-modified: Tue, 31 Oct 2023 22:20:43 GMT
vary: Accept-Encoding
x-azure-ref: 20231102T022700Z-e117595gqt799dx5c5kc8nc40800000002b000000000nwvx
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 17cc7358-f01e-0034-1448-0ce7a7000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 6150
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=f8335bd5-e57f-4679-99fe-5120eb179eed&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=f30f065a-20ec-4166-9a0...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(18-0)?&RG=5169fd8d951d412b9a8f5c2f7b934283&SNR=1&GV=2&med=10

0
546 B

61ms
59ms

Image
text/plain

2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(18-0)?&RG=5169fd8d951d412b9a8f5c2f7b934283&SNR=1&GV=2&med=10
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66D50692F9E04DB48E978916F02CB37A Ref B: FRA31EDGE0209 Ref C: 2023-11-02T02:27:00Z
x-cdn-traceid: 0.13d53e17.1698892020.291c3dde
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 02 Nov 2023 02:27:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5B4313249EA4A6289B3B94287D11BCE Ref B: FRA31EDGE0121 Ref C: 2023-11-02T02:27:00Z
x-cdn-traceid: 0.13d53e17.1698892020.291c3db7
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(18-0)?&RG=5169fd8d951d412b9a8f5c2f7b934283&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 156
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 6150 80 KB
28 KB 86ms
7ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Thu, 02 Nov 2023 02:27:00 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 9815442
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-fra-eddf8230085-FRA
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1698892020.210622,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 5, 195161

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 6150 3 KB
1 KB 53ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 6150 20 KB
8 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6150 0
0 56ms
38ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS90UItxazQrd9L90t9m35XfVwTaaLU1gDAW41W43RzSvX44uN5Wu3cQO7dVvs-tVafmawA-tGIVhKVWsfWZj-2DvhqLA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6150 24 KB
6 KB 49ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Oct 2024 19:44:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6150 189 KB
59 KB 80ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 596F 0
16 B 56ms
42ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZzrP8ATAB&v=APEucNUS1CC7TIW_74twobY8bVm5lBNaozvk10Hhc-SSKZ_k34HF2mQqdmZu6uo5KrzWqE3va9PqX9hMox7BDLpG_fY-RdDdET75DhJt30h4tJ6qAofD1eWWLK2ndx6PHYvyrFQlYQ0nrn_kZr5-hXJnp64sMaOLzLyNFlTiIZM5dSETF58r9wk

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8621 172 KB
60 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 8621 7 KB
3 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 8621 23 KB
9 KB 43ms
31ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8621 41 KB
14 KB 40ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 8621 3 KB
1 KB 45ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 24B0 1 KB
643 B 40ms
31ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 8621 20 KB
8 KB 40ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8621 42 B
63 B 62ms
54ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoW9YIjsO7lIWbmaosYo5UjyNd_h9CjuP8azRa1S1LE8T3kq1pZZN8gLiCsBApoQX0Z6SiXGESPU5kNEfdqLZPMiTk3Jr7LKlQEGROoIo-RQsab9w

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8621 0
0 46ms
37ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTU155qaRck66w59Fh4YfXjDQA_1CdghiLCv8_47UJkHjpMhG1DwWeFDkWvHwtakCLejZqPdpzin3TaHBEPnKFtj4ofrQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8621 189 KB
59 KB 66ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 90D9 0
16 B 50ms
31ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVosU-G1dWrHR56UZZyC16Iw57ufnULNBCc_Sf-SCx_DrzxKBHwNWmhvbedqRXK95InueYhDW9svHHhg2b81DvdyUxZjhuz376fLty76bvvkcho804zeGhMl02F4VkudCYSgCYrJs1QbrNRPi04KrtWmYZEt60PloCyqjitg3u6FWxVxQU

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DB6A 89 KB
31 KB 66ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB6A 42 B
63 B 79ms
61ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGoFwSi3WDxU2j1dAw4RAmi9PvzeAeTx0weMGsALJdpXPogJeN0aD3Tr56CvwuR2fDVL6L4a0eGN3OBqHoqfMASCgu77gD-doqRM6kgW8iI1uJGHU

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB6A 0
20 B 79ms
60ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15404768939696643451&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame DB6A 3 KB
1 KB 44ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame DB6A 20 KB
8 KB 45ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DB6A 0
0 48ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-GmHqAHwd9vARNaOX4mBW-63NCXZWMKoP4nxjcYaVOvhlOSe1y6Rzu18b1sQoynyh1KCob2_zeXcsclQh0UmailFVZQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB6A 189 KB
59 KB 58ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5997
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1

43 B
338 B

38ms
17ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGMH_gvwBMAE&v=APEucNX2C_qG6olXH3TN0ZxSdfgpi1oZnmxLrHN0f4VMjwv5ybFyMrwN6vzdPQ-V93OosjVZeUVzupPaegTONBff95XGhQeYKFBbt4T5c_kjfS4OOwSBhM-TV8IjnZVMXkNZddbK9GPPreSMM_DjjjQtsvnSJCPgTz9dTiKJqZfHWPBmU_1kSWQ
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpmRSxLHyKhAZt6hAuVyEYwzl%2Bjo%2BLpX4HOerm0ZDiBz0Ho%2BHex%2FjH9tqk44cH9sSjzdZgotKINk5cBSno2hLUpHwAf0MQ2MtUDlLnGF8KXy9ezxNtqoblWoGYWRp1WI9yCQW60fEIVgCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f8ef9a1b8235e7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5997
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1

43 B
771 B

21ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGMH_gvwBMAE&v=APEucNX2C_qG6olXH3TN0ZxSdfgpi1oZnmxLrHN0f4VMjwv5ybFyMrwN6vzdPQ-V93OosjVZeUVzupPaegTONBff95XGhQeYKFBbt4T5c_kjfS4OOwSBhM-TV8IjnZVMXkNZddbK9GPPreSMM_DjjjQtsvnSJCPgTz9dTiKJqZfHWPBmU_1kSWQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuwufIleBfr1e1ZkfuwgjvJyBxVJrYY7rJBtDt3PCmz%2B9mFfCJXWdNfy6NxGmcYZLArjFDidWNVBkWGY8jkxNlTH3TqzCDkpP98stOCukxFPvbNf4O%2FiN%2BBX1lR5arZv1TRWsqrZSskfWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81f8ef9a8d4f1ca1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYHM6w54-B-WTuxZbaJd7o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5997
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPE602my_Y30SxJfCiDdgFQ&google_cver=1

43 B
840 B

34ms
14ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPE602my_Y30SxJfCiDdgFQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGMH_gvwBMAE&v=APEucNX2C_qG6olXH3TN0ZxSdfgpi1oZnmxLrHN0f4VMjwv5ybFyMrwN6vzdPQ-V93OosjVZeUVzupPaegTONBff95XGhQeYKFBbt4T5c_kjfS4OOwSBhM-TV8IjnZVMXkNZddbK9GPPreSMM_DjjjQtsvnSJCPgTz9dTiKJqZfHWPBmU_1kSWQ

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
an-x-request-uuid: 9b06ab30-dddc-4d83-a55c-4a850eaa0bc5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPE602my_Y30SxJfCiDdgFQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5997
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D

170 B
232 B

30ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
an-x-request-uuid: d1163d05-348c-444e-ab0d-e97c276f7a2a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 743B 0
16 B 68ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXnzo5chtcY_eLnnm1FJTMCamTlQ-jG-rpAqas1NO7iaUX6AQoYFNxChiKE2cl-ZmZjiQpd14OFhHLDrLQGNZlxwJaelWzdss-d9W00GLWSdGmMtR7M0HO94x6FXVRVPiWPZXIaid-faQczkS8Vs5F0ivSMrd2iMkiu5UqECGBTSq71KkM

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0A60 89 KB
31 KB 75ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A60 42 B
63 B 89ms
59ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cp7mSjp5cp9KWyjKOKSVMrd0UjrpbJfuoa2tK9VPfzYd8GahwtOzedaWre1dYgmvit6o56zKj1bmX6XEcAWD2cM1D1FFuihyRFgRQKT-fZeA9BBhw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A60 0
20 B 89ms
59ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=494908366874242834&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 0A60 3 KB
1 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 0A60 20 KB
8 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0A60 0
0 65ms
35ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8oy2vWjXYVb07jEkGSwLqo5DI6Pa85jrrcrG5wNB1yc0jTX5l0tXq5G9bJwwHY5h2M6dUw-78Tp0Ssxh4JxIFIdA1Kg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A60 189 KB
59 KB 76ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 71DD 0
16 B 489ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV4UADuQAZFQG9onh7gvfl_OT1yHXi2Bc--htaKpwNarCnNmMOQw2w3R3GKh09H5M7fpqtKXvoHOTS-dqmyFUf9IwdVquR8FNnL3sjKyMApXnh5djvE35UDxlp_cwOzncOBbfefYvHjb5wafstlGIw6Jn4UdPfsRY2CsAKDvGfse2yAA8s

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 397E 89 KB
31 KB 78ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 397E 42 B
63 B 85ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbjdfUKC3sO3tSx5xtfPT4bvXvfdXnpC9ze5LSNzby80kU_OT9azbigQFcUPpdAT3FPON7_Frfr-6HnJ8zQmcoYmJVAuMHc_qW37KZEH_XgvPXFcU

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 397E 0
20 B 86ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2499934831662535047&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 397E 3 KB
1 KB 50ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 397E 20 KB
8 KB 51ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 397E 0
0 63ms
34ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjKC5BH6egk_uri_J2sh6omFhbtTiKDVz4UdgMQ_WO2F8560A2JRu824iiFLRP_dGLEXqVdYcdo4OhxFGYYQ6BsWsXGQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 397E 189 KB
59 KB 101ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A027 0
16 B 489ms
27ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVhWwITQw1YElZYBj84gEcRH3nJKwWpMX8bRPcChAdvYGvr9R5G18BxnR55VaFW_3B0FaUaQlAPBXHzRrj-hF--XkJ16Ru2140IBbILP_srYxQxmfsXrvGPoz4LaSUNYyDWz87gGUg1YnwGR0aO7aAhutI_wGe7O2DCI2W_ZcHR_kw1PII

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D5FB 89 KB
31 KB 78ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5FB 42 B
63 B 85ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYDEbygGoYhfI1Jxy6NCoYF08_8gDgxKXjwOWP-3MoCM2EbEHiUB7i01cRBrh20NMKau3561M2LC86M70MyznbZ0nDoOn2UrKIEBwlCcHsVz4d3u0

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5FB 0
20 B 84ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15137135732004947879&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame D5FB 3 KB
1 KB 51ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame D5FB 20 KB
8 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5FB 189 KB
59 KB 82ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3C42 0
16 B 485ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUQu0_b4WKjmLkgT7Bm00ex7gMJV4_1qeOSyV-atH76MrIbfy8APP7Cg5fqPfClknoRS7ve6ENvsm-5Ky-NbDVDcNCBFwQMJBEByr_7QgIXA4hyoekf5gYPmndOPpDCl9sJACqVbrmE_uRAYeqAytRszk5dOLTOavQAAmRcDHt-L2l_5yw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E02D 89 KB
31 KB 73ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E02D 42 B
63 B 83ms
57ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_Q90-Y_mB1Nhot70BIapukumEu-KmY5DzPvrZDZztZp4mP44m8wqfMU0iB217qQbwt8u6dFy3G1m_5z-MnmVlFccMtoK2VWEYhqQw7qT7YB5IKO8

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E02D 0
20 B 84ms
58ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13056785798845594076&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame E02D 3 KB
1 KB 51ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame E02D 20 KB
8 KB 52ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E02D 189 KB
59 KB 78ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C586
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL3RDFbRs9LG63t6BnrbgDQ&google_cver=1

43 B
114 B

40ms
20ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL3RDFbRs9LG63t6BnrbgDQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUX_wc_ZkQk6bhv5fB40Hh8ApmILlhN8DjAxvAbPGabZVrywGf0853imZdbjczDDcyD9gZi6xUv8obqlA1jf1r8TVaS057CWS06W4jPXRNmS2RZ0-pWMxQgYkbjAO6OxWpeK7Bd21vCDG63dWyrsw1tjXDW01n17jTK4HcF_D86c5_QpGA
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL3RDFbRs9LG63t6BnrbgDQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C586 43 B
304 B 581ms
25ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUX_wc_ZkQk6bhv5fB40Hh8ApmILlhN8DjAxvAbPGabZVrywGf0853imZdbjczDDcyD9gZi6xUv8obqlA1jf1r8TVaS057CWS06W4jPXRNmS2RZ0-pWMxQgYkbjAO6OxWpeK7Bd21vCDG63dWyrsw1tjXDW01n17jTK4HcF_D86c5_QpGA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame C586
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEGPVuF73sYzOEGU_OP-4gTw&google_cver=1

23 B
163 B

64ms
43ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEGPVuF73sYzOEGU_OP-4gTw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUX_wc_ZkQk6bhv5fB40Hh8ApmILlhN8DjAxvAbPGabZVrywGf0853imZdbjczDDcyD9gZi6xUv8obqlA1jf1r8TVaS057CWS06W4jPXRNmS2RZ0-pWMxQgYkbjAO6OxWpeK7Bd21vCDG63dWyrsw1tjXDW01n17jTK4HcF_D86c5_QpGA
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Thu, 02 Nov 2023 02:27:00 GMT
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEGPVuF73sYzOEGU_OP-4gTw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C586 23 B
163 B 350ms
36ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUX_wc_ZkQk6bhv5fB40Hh8ApmILlhN8DjAxvAbPGabZVrywGf0853imZdbjczDDcyD9gZi6xUv8obqlA1jf1r8TVaS057CWS06W4jPXRNmS2RZ0-pWMxQgYkbjAO6OxWpeK7Bd21vCDG63dWyrsw1tjXDW01n17jTK4HcF_D86c5_QpGA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Thu, 02 Nov 2023 02:27:00 GMT
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E79 0
16 B 93ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV2x52ZG8Z_U4vFHAj0Nd5s2WnYhDj9zbrxUPpiZNKGHHrHXv9bGQHZeH11aHLS7iVhpoMuqGyx4xzxOAc-XQny-zql0gkp04gq5ydjaoE4t8g_AXdMAGPXQBf3EeWw_eF_rbVLJnTdeFziBwB8MUGlYJYW_JKs1lrMPnT-aSc0AvdvwBI

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A20 89 KB
31 KB 69ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A20 42 B
63 B 69ms
54ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5FGY7chUh75OBo0lMzggXErssNIClFZIatNqvelh1Ra31_grIpXRM2kbO7EYB-26CADBE5rvooPSCQQ8qqnsdtcCFqjJPMigrIAtQpe93qT9LMLc

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A20 0
20 B 70ms
54ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3902820229449591758&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 3A20 3 KB
1 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 3A20 20 KB
8 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3A20 0
0 44ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQY5UOlb-8xKkCjVa8jvGgNpFIg_V2HyiNq1hCJ6zfUW_oIjNt0v71kBIb1UM7X077Hhzwc6OGYYmaMM1SjBXym-dn8FQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A20 189 KB
59 KB 51ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9EB3 0
16 B 88ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWrkORq5MRW5mxwxugZuHzOSpasGW_uRqljiC5spt0GcZS80BK0kWHjYBsg9nUW00mPG4xnPjVi9r_ZL3if6rbjHNjZiKIQ0MIUa8Cv6WbQz9wx5q-TTUFUzG97iy_q--iIWvFaSZYiQA_SspUfD_HgaCpglVUsbFyLv_peLIalSmoeZnM

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3E2C 89 KB
31 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E2C 42 B
63 B 72ms
49ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cj5a-CGqzno--_UjGn1w5SnPiJHzvVZlWUql7OxAvOvnjhtn1tmp22rmhqb9I9wJUQb7Oaem5p6ArA2rxUYTVeKqJ4LLo3x09qkGevo69OLvF9Q0M

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E2C 0
20 B 72ms
50ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14392911961025981904&x=1&ct=77

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 3E2C 3 KB
1 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 3E2C 20 KB
8 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3E2C 0
0 51ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXF4vvDA8N9Pv3c292q3esM1FyqOoQUjQmZhkyGQSpok2CQR16pGSHOZ8QulZMAap3AJ9jvfRu5SCB5J9V3TSCUokqjA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E2C 189 KB
59 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9145 0
16 B 86ms
34ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZzrP8ATAB&v=APEucNVvm-t5Vc7pQxCT4VVUn8eDIvk3G5Y5jURNsQH5jq_thD356T4eJKhdLkZXhppLDG4nOLQDhy2OWKUge_6IWTI-8q495_GEVtTzBqtgEbSrL9Aix6HEIA_zbu7Dy-Df-2c8igj2QhjE2kQX1gC1ncEkcL2-zwZ2NINvX7aKq7JFlQNUFkE

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 699C 172 KB
60 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 699C 7 KB
3 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 699C 23 KB
9 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite_fy2021.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:40:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 699C 41 KB
14 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 699C 3 KB
1 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C92B 1 KB
643 B 72ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 699C 20 KB
8 KB 40ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:29:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 699C 42 B
63 B 64ms
47ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgL_T4qZRiUOVsd_YDRwf0Qw9P0gui3CufxCdW65lCdHvs9PSXxF6jPZGbCFlaLgt7LnZ5NA3R4DqDYmq-DYN1CRbQI9R9np77MzMgzY0btX9XDKA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 699C 0
0 51ms
34ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOFCQiKm060RYlzDEc4mgQuP8D3Pov4rdsvZ7SQAfMbtwrEyqxNYevK75f3BWgVmqTIRIQdVYqpvqRT6ABLZxVxEkmtQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 699C 189 KB
59 KB 54ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 02:27:00 GMT

GET

partner
sync.search.spotxchange.com/ Frame 15A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEClRY0KW0zTe17EsCxrejvY&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 15A0 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 15A0 0
125 B 335ms
12ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNUmKsYaKNKrd58d60kZ-gVmn4sc_tECs1yXbYEhwJ6Zivswqld4CnLMOytTVSBDXjSnRkSID0D1kVilE-UNMJoMu4h81JU59RZX1RSIyPoM_TBWKuHWIF5aH-iVyxwuHxOpDNLqccy9bIvFij2QYLmoyQgKjO93sJhCCFYe6Rwh7hPXbHk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 1E84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEK58I7n7liwEyOYeQHzPjYI&google_cver=1

43 B
163 B

35ms
21ms

Image
image/gif

185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEK58I7n7liwEyOYeQHzPjYI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNWFhrg1yttX55UkNz3JlSGEaH7DrWZ5zVLlK-mS3xcvA1qUe1VdKWvmpyu8IwvjBPL7RuQ5gtcIiIya1Yyh-J7Jy1yy_qHsLKr5QCJhSueS5JURCBmuERTlsub5j5V1dW82b2QLdzLGWJ1fK67P5BfkwevepcjwRUtQWI9tY15gIiNbSV8
Protocol: HTTP/1.1
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:59 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEK58I7n7liwEyOYeQHzPjYI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1E84 43 B
163 B 505ms
25ms Image
image/gif 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiM0rP8ATAB&v=APEucNWFhrg1yttX55UkNz3JlSGEaH7DrWZ5zVLlK-mS3xcvA1qUe1VdKWvmpyu8IwvjBPL7RuQ5gtcIiIya1Yyh-J7Jy1yy_qHsLKr5QCJhSueS5JURCBmuERTlsub5j5V1dW82b2QLdzLGWJ1fK67P5BfkwevepcjwRUtQWI9tY15gIiNbSV8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9798 0
20 B 55ms
51ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2533857199688&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9798 0
20 B 49ms
47ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2533857199688&version=m202309260101&ct=119&x=1&cor=5587733504146025000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9798 90 KB
38 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aoh-mpj-fb-n06izAskNQ7obqK4vSAqHUf2kkf5vO79wbMHWWiovcQJdYIOLxBB_X2VOq2Y9xG8AmRRUkppD9QkRLCkaUz5ets5tgH6xMLj7S0yAXLaC6aj3NL9h20m5NHUaFyuAI7Y9OuG2Bg25TJrWRr_VtLu0FypQ01l5uPFNlPT5k&cry=1&dbm_d=AKAmf-C_rYS-Ry4NpF7qkoaxit2ya7MMejihZNVwpiDGDyEvEdLodY0qV3lhpOyfT0dSIn5Ugap59xR9te5uRstTR8FZBUsmVOGo59psr5VBlv8hyCzbpRacHFA45SRasTx_oi5p6mOPLB34sTjKaVB40iJ-mQoUPh5HA_us0g1BxPFwi5jX_mp8KE5QBWjIPghRsYkvad5xVfvVDMV4YYRrUNr5hgAg6JU5fBEDPcY-9mj7D37vDVXaUj5gN8k6QRUhQaDyRZNKPpO0oCVKvuD3E0sAGHEOtpF6ItlRs_-yFWFuJtUjZug-Gs2dS1m4EB8DuBSJAeu9zNlXkZKddGmHZHuyuYQ50fJj0f0bM_8vtBkn534zQ5W56mjfj5beJlqIZSz0PwuKRAYfsdvfhDDmIyP3HUC7CCgJ0htf4-ps6rB80rD0AC3FrTuR0X8c6GADznkroNTG4wRR76dFDvwfb2NJapBTfb1aI4inhEtGdPBPC_PD5eX7W7Pgr7BEuDOD58oGEFYeh_hRpS8OBkSWJrUK_T6nPfPN0_P6BUvVs5q97rOxcA-GWwMxjxKGyOlwyJ7l9lfWJhxfyAl8cLgKvZfSseyni6zqveWKDsqTZU5w02tqFMV9Rp6x9ymcrK4PZt-PYZFFlf30LfEx3p90M4rndX8A6yW2-uNtMTfHEI75p4StplkA4XvCI5oKxul9sjIyZaBWDPOj_iqVpLuSoKzO7pq7YRhzixvlnLGYEE8M5IQiLLLhNHeiH65vgGKndq7HLG3q6qwxBC6N_R5ULlhjCQFBrb0G8DEjvgowJoeIq0O7hr86ozq5yDHqi5Cca-ml_JfTzbXl3dIuVNkWAVtm3a4mqajM9IZBoiqtxWjiXEtN0D66rHcsGq2VJ8uQIhcHYA8HXSxR0v8r7a2GiWbiGVFuwKfCi49ZTJ5b1oBohuhn-DnXWUDpGMeImDbleNUhf2TBsejF3gSyIGYMNGTeZq-Y6ev4w9iUdltbXq7Qb0ulbD2bn2jSSiKyV5w-r66pjR2oddhshOw1HU3mtRWmHa9q8IUdCgofP93xveOMFB_Q3a9GR-5HBy6GI3_6-sgrsK0WF5xt9zklI11fzbsR34pZQQ-d9yyc_NZ7-ig6bQp13XJBiSGO_Y0H9vRhAzkevDW23Z7fUDWbrCl0Dujv11Cs4sKsP9gVU5DRgwQ_kMEyFWAwT81FjJnf4DUwnuP3OBCwTBCpAFEwfif3ub22-li55pHk4C-3_K5SmRWECZOyNbTph5PadQNLHdwv-LoKuynDCXTQebXSQx56VdsLU6Y8VgaC_aF_5zqKjUmkW5uU9VZ7vM2yIgVYzQ-7bqbaA6tLJ8NoQ1usUukOfvZJALUYm8rUa9d0QdAecQcnzxV53KPcpObI9HYL_g1hN7lSyFId5air4lqR9mqQT1HkqLwDknf8riAQCQSeIfCYrnBhsT-d_jQqB6pk2W0x5o9uZSRyTHcwweUEdx3NuS2ufHV-3ckvKmmuL4g_981jUGo9RUB6P6CuaoA3XOafcBPozxl77yJnqLq-maTRoPjPXW84-qxfESBTYfj4pDgzNMOh_MdADgSLTEE3dEBlA8lxyvm-GByAVaB8kQIaRZOzFIrM8gcTJJOT8QTkoWb1ISd4E-0jZe8s8XRDowkTYLqFa75rQcpNIO3mdU-PqFYSxE8WpM1JdKm6iWho-J-M9Y6f_Vk_Yp3qMyk3yjks2amNwz7tDMl-hGz0IDIPE91Z5ZPSJwTib2aZFCC-Gf7Z8NrrP17aiWTlaupllqyuSoq2PBDYSYwOGkStgAXttJwsVRUWW1bZ2rbPEhO9cpz_cf_lX9CCY66fYaKNb4yr0xRZRDOGrkE6IwcXhk-IgWsJ6e9U3rRWR3d8k24HwQd4SplqEhGTgW53iL3j8nrZlvaKrlivOOgygJys_04bryez_YEf7f2SPjazlgl45sPEyNJhK8ofEZT_nUQ7RCxNTmT-0Ws7rjpfH8AMrpOYIBupPaMQcsOHWXzxIgtJe8-omJvXhCO8A0LprcUdko17XJCXIlPoy2Qbjx_KkOnnIjGTRMmtUk3e06TOhqSERn2F2RI1feIDHMqKXVipACEpmNEkPMz5cFhUD5HsZwOkwj7idlFmci4OJm21GnRxXbzrWvlkYUJ-s9gXaXsJu59KZ-JwS9Of6jXB2hR3pDFX6s8rQIod__nFH1_lU54f340e-Ux6ltKPkVanRi5ln5uLHJuQZWdB3LwQBdtyXQxNFpS1mJgat_bLabZYAkKCV2aa5pUnRRISrjFXdG-NaDeQ2n4TOznKuWMeU8e5O3FK4t47lCT_CnCKDey96LlYnOd5KJRrSrh19FMM_szJahHcXiDxWwNPGurhk74kXOfJgAocjhp8b3jsq9kknT7BdAiNeYCKclv8UkeZPT72gjXKuB9PPOfTagcFSQPDQhGd8Ft8-51TtB7HvqE2hPLq0vMqJEyOvG0WYG9is7XmlsZRIoEf2gAQYVrzSTwn8QP9tHjCuIiMss6o4giZu9HrYWxcxDdjofdSqo2Cknzer6UsbiG_WBU0N-lWIrnu4d8-6Tr1xg_KaHsN1fy_hKBD36MBvjxqxzwbsjMf6VuUhBUxlKk4Oq8dl5s3AacsbdVZn9Nu55Ufoaag7amD1HzScCRaV4f-7PAA-5odZ-G62v6V7UBRppW6xZ06xPcPbOqP3JEi9Lr_RwbVEauDz2NqdMJW2rl8Wn2rZFkvRLOgGqUm2LZ71vBIO6IaMYy83k39kMvbLRHHz1YjsSgkUsTakNtJhp1d7jLb6_XHzTPRXAh0BSqquJK0J-extv_N6KZepMM3WSknxVb6riRiHZPa4brSmA3PHxFl3NFc8aca4YZD7_K1V9FGZ3oEtX08GziuBcAexGdKg--4mzxNdueKr0X89XKkoQq796-gG-ZXWvdYBRUCP1PMtBj8rEorCe-9nr_jLiAVsf3guI4Ck5BtoImz7Y_a22LeGbuwW_AkyU75baGdeoYlZA8hRAPwgPyxiJJbUFCVKyyuguPYQVj4tR7GEO200oaoPDAZyzvw8C5P7JWS1NYbu2ZKzbf-SUVTMvp0IUtc_-TFaRbqDeaiHOZd1z00WgFUQbRPlt7jlg72oRJ-ZV4Na6vv7ZWakRneRWvTrodP9ksDChlvVAtxpct9ek3yI7UtVoZU-7DrjQDLr9J42iNYnwg7O-Jtu64VNt_iUsEcSEYu5aoLPitbMuOQGeShHDNhREfHTNKfyHSu38HNp-Bi8PSaNbnr12NXNygtquoWhEfE8vz9YfaiZ6XvSLaO5uL6zCAQeLI7qPKAF44kiwRiAQeMX2GUs5SGZxGLS8unuMgWYulRUkkotox_vLoBZJpwVsiYZ2796MclXid0oM7f_h5RPJLP1YNJCsLEXq602h-wMkT4e873PowOSYk027DFGrHq7HB2RmxHVVRTZCtBhA7y0jh7MbqaeboTuVuP3YfhYSnlKlhTmip6dZeZNuoIrY_zI5m2-paZB6UwhF4hGpMY6VQBElgUXmspiT4HM9DynqzzFF91DXlAFu4KKVE43lGkmt4sUOaLMoOOioDw87Uj2Ino_7fMyXsLcSsc_oI0xfXAeV_9Yw48qIReIJAs-fRI5TCcdsUkGZdVmZF4E5h-yIbFmFsPoaJeO_PvYB3uTzAs3Y07yRqIRLAQZRc112maiM8YWp-xXDj2hAUZEuRrEjXF7u-lG_2yp9XE1RSBipaARD7rak5k7Z2OtRt9jbUUOmIiXkAxufFo3GRdxWjPl-vtKCvnDwMYbNUE24_pT584r10znVt3Ya-3n3tD_7uLuv8MG_lIalGAyDbZXxlpkbtvRuXUzyX7VDuAUhcsisIGLKStUixTUe0LMceRtdi-1IOJk2T0R5RSn7b8ja8XPk83zofFpu8Va0N8aQ1A2G6y_xJkuJ06NsAcdkkFgYdBgzrKZZeMuEDg_zxilNzwMrHV3bLIJJDfzd3S3-8cOXhu-bY53-BVNfqr3yaupqnAJEOpiNYMlhkrxw3NVxKU7yrOkkQjXI4m09Jki1qVrWZSzSRErUmY7Q2xZD_OKCZe4WXJ77n0V7pQBlklKeljVn5FB_c9jfsQXuSIavB8Ej9QwUcdebK_uJoFYoc&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=5587733504146025000&adk=1964084972&idt=32&cac=0&dtd=132

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

419344d70a3008933b8340edb25f62884ddd07b012fe1f5a2183220fe8a1e5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38453
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 868D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmRb5mgMapJitkYglmcqeySNqkOWysRVtFgch_GT-1__vBJSLWfqln...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmRb5mgMapJitkYglmcqeySNqkOWysRVtFgch_GT-1__vBJSLWfqlnTRtocMoSXvMrb9O2UuDFHwbEtFoYRd7sCw1ob9uQchOg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230139-FRA
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698892021.735217,VS0,VE187
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmRb5mgMapJitkYglmcqeySNqkOWysRVtFgch_GT-1__vBJSLWfqlnTRtocMoSXvMrb9O2UuDFHwbEtFoYRd7sCw1ob9uQchOg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 868D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmQa9iOXn_0ZrMzKDUkd3UvAUjxvLM_3qJcfaFW4JrErVZs4hJO2huOhdRg0bj1tDZ0KlxBPVW273mWA-7gu2cGnJLNPbaVcoQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=664391B105C0436F9BE0DB9F99E84135&google_push=AXcoOmQa9iOXn_0ZrMzKDUkd3UvAUjxvLM_3qJcfaFW4JrErVZs4hJO2huOhdRg0bj1tDZ0KlxBPVW273mWA-7g...

170 B
232 B

47ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=664391B105C0436F9BE0DB9F99E84135&google_push=AXcoOmQa9iOXn_0ZrMzKDUkd3UvAUjxvLM_3qJcfaFW4JrErVZs4hJO2huOhdRg0bj1tDZ0KlxBPVW273mWA-7gu2cGnJLNPbaVcoQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=664391B105C0436F9BE0DB9F99E84135&google_push=AXcoOmQa9iOXn_0ZrMzKDUkd3UvAUjxvLM_3qJcfaFW4JrErVZs4hJO2huOhdRg0bj1tDZ0KlxBPVW273mWA-7gu2cGnJLNPbaVcoQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Nov 2023 02:27:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 868D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmRRLRl8xUt5F1ysicpzyK7q4NLzPJjTcMCt6fv3Wuf-iQ0FKEg2Re0GbjWMUvNPilITiylJES_icBI...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRLRl8xUt5F1ysicpzyK7q4NLzPJjTcMCt6fv3Wuf-iQ0FKEg2Re0GbjWMUvNPilITiylJES_icBIiE-pqQ4hMjTCBmFMBGQ&google_hm=Iftrco8nSEyLKDyiY_...

170 B
232 B

48ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRLRl8xUt5F1ysicpzyK7q4NLzPJjTcMCt6fv3Wuf-iQ0FKEg2Re0GbjWMUvNPilITiylJES_icBIiE-pqQ4hMjTCBmFMBGQ&google_hm=Iftrco8nSEyLKDyiY_N8zYs

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRRLRl8xUt5F1ysicpzyK7q4NLzPJjTcMCt6fv3Wuf-iQ0FKEg2Re0GbjWMUvNPilITiylJES_icBIiE-pqQ4hMjTCBmFMBGQ&google_hm=Iftrco8nSEyLKDyiY_N8zYs
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 868D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aUZDAu5IRPGP0-40sE9sug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aUZDAu5IRPGP0-40sE9sug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRk4G5iETjsauqQMJk9UIO95UFQxpK9Y66UdWqwhm6mGlULsO5UVeMyntM4AduZ6zL4G0gK9xksqMWizsKPrParfz7IioqQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aUZDAu5IRPGP0-40sE9sug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRk4G5iETjsauqQMJk9UIO95UFQxpK9Y66UdWqwhm6mGlULsO5UVeMyntM4AduZ6zL4G0gK9xksqMWizsKPrParfz7IioqQ
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 868D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTmsQ0IO2e4yT20h74xUFJ0Gb83cxWvT...

170 B
188 B

42ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTmsQ0IO2e4yT20h74xUFJ0Gb83cxWvTKWly3p6X4Z5tuzVmzZCcuIOJ65mjYFX-tiaUoeZRUlfys4b5GYSOKkEyJMqPids

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfcJI8FefTTCKiFeWj6S1UtxD7JeLDzLNnrQUpf%2F6H%2BiWUng8lvrZeDViU8Lv9o4FezQCM4ylFAB9SShyuw5A7keXrPnEno3vx49rQkb3whxbSh2sEDwibYmJ2rlkj3J0L0KMziiXlwZMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTmsQ0IO2e4yT20h74xUFJ0Gb83cxWvTKWly3p6X4Z5tuzVmzZCcuIOJ65mjYFX-tiaUoeZRUlfys4b5GYSOKkEyJMqPids
cache-control: no-cache
cf-ray: 81f8ef9a1da8371c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 868D 43 B
199 B 303ms
34ms Image
image/gif 52.51.19.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEEmxzZ3ZiQtPa3zRSYINoWU&google_cver=1&google_push=AXcoOmR2SPJAmPRdHK2VPt5zUpUfk7M2sq5Uztdg-v-Gyrw9816JXeywE_fetOV4yeI273DX6jJLr-yew8B1ohxnSy24BkYzHtr_
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.19.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-19-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Nov 2023 02:27:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 868D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTFeJX2WAdS6...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHBty3-EkGTjSFE2M-XMXUU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTFeJX2WAdS6wVzjHAcaZWajyiiVv...

170 B
188 B

32ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTFeJX2WAdS6wVzjHAcaZWajyiiVvODI3CLpI1b8Rm6mzVWynBjixaVyyx49qtHcbZHj4BCya1F95g8xNLm16_3m2ogn0CaOjE

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
an-x-request-uuid: 8d3f8457-4ce3-44eb-8792-e4d77b608117
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTFeJX2WAdS6wVzjHAcaZWajyiiVvODI3CLpI1b8Rm6mzVWynBjixaVyyx49qtHcbZHj4BCya1F95g8xNLm16_3m2ogn0CaOjE
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 868D 0
40 B 307ms
38ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUTleAhuQrdAfU2fSeEgBY2tEOIUg7f7GHxkQvWG9STNz2EicgjNRx-AsVz1OEesjAQGKdiA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 3952 47 KB
12 KB 133ms
74ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F16 0
0 307ms
61ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZrZTYTxRI_DTYqVg6uY42AE4FcPOxUBH9Y_mEt3h7gqnLdZeraWip5H6PbNakISlWlLOpoSdgulIArCNWgW2BxR4eVGj1kHhucngkxD2s3DLeqlsHsLK5BUN9IQNlZ6pNptkonPcBC7Ne7trVrALOdOX9UEPTLuuVZhsbeI-Tp0uIAkO8nNYQajDTWYtfaRMVV3x7FRuUSoGMwvNdaZMw4LdSIx9DYsCBunuv4iTvvKG94OhpZRY6I59NhfAHufrr63gZsPnjlxwoHTrwqSpSoNEWn3Dh25wM_duCNlxnkrwqYTlmOXKd2fTQQ93VXhkz5GUeKVHZK_7JZIlQM-yc3rbCMmw-aDXUyyeqd3Mr0l1K9tPjTMKCbVbiZVjB6u6CW7UVGyLb-PxTDLjBsBvBI6Q4rOWT75XuA7Y74P-T_d7HyQ03yoS_SyfFTBQ3oPmdvavGxLAYqzTef7DfluzBrpkldsN4Pum3_WKzk4e8w1fDdCHLVbrkWphfCXWb0hKZeapSavlNN5q6Jynw5HdJslYmXLTXv3uANfwRi3bb8xokyuLcSgdsGiTd6QDvUJY7MnMIlz4J9s8aXy2wfI4DKJvk0_ZDhLDFStsG2kGOp7DJqqOGc1J-1r-V8QlBYXJ7vto8eUvJaSCguUHX5uuni2F_3oSDjFyNG349W7o23ZjsYJo5WCxDsxfF9PredaWuMLvdr54Oy0sd8oxirJX7E-Gi8-Jdog-I-l3TdiUEe0YRlSvEbJbu7vFsSdY-6xlai58ToivCYjfvnCbX_yY-DjvYw7TDeBV5iid_OgvXTRn0UfFDWDyCu4rxJFn4dP-XwskW5agGwwG_o72mWxYBDMlCCd7VDsAg0SUqfYfIBBWPvxMNmNLjne5qufIbMf1RFWYldhlcnJ8J1ghUFVCL_32z64t7rg-pVZzcxynpqKxrzV3EpYdkREsZrZaqYuiTgRG5fmhLeV3WZg5HrJR80QKiOj9SDHj84XIHVBr17r3w9nXiXlnvPGhE6SCUm7aaYbzwReDb0dsLrqcKfZK1RjZtYS-WwemQxxQ4EYPyMKAPHOTcdtldWNV9t7JTH0N0z5xDf4HNhr8DPmQuFSs_m3-KV_P4y_XQY-WBMDgRwuMnL5Vv0yndtkT6EoZIE6y7rtXDTrI2Ym1nRSHc61DWzKM264_pIsdSfDIt0PonJxK1XsAsNO5ogWmfeH2BI-fD95S8V6-RprFYwzUz5e_C4HsLFXvkU4AqwdWjQYBmMPOtXdREcFl9MlmCtefPkC3erED61puEh4KRnBascuF9XpIZg_2b_T052xN2sNIPkDGnbf7o_oMc-w1bU42UvPCrj3_TXsAIhrLFzhaeFwZ7Z_UeN_AcmDE9-OTfVQqrPpxOXXN1UNsw5sK5GSzU3N_yqU4MkF2VXdgmYzGYPdEmBFWGUUR9UhpwrsaAxn74ZZdspQrz4ARnALD6gII9MHdD63ZUGSdvAT-wlzBtsqNcU2hsjSfbX_c48x4RwYO4-uVVc2Ru_eX3SQ&sai=AMfl-YS9szmvltba-e2LyE9vYD4uX6uHaZcgdlfBFCmTM3a0i_gXM5y6VMVRb3vhKleiJ2DdZQiJbDcohJu7Tahs0T-AUbE-Dtvzqe4L_gEac9ovnApYi_i_klakuD7KNgV4mvGbk8B8iYi-IB-9FSk9qYfcoVBXtXNxB_wYSbu4NPNWwMwZGbDyS-i9Xivl-TpA5gCD9sqnM6lfzimulfEWFdTspuARHEF7nMzALG6X9qyrJpfFqzoU9FN9MQ7V9bP7eizeSzxtpLryQPTF4ioRespvKWF3XFyBrWwM6UBXgm04V9bJ-VSw2zL8xStlSCEKAsLBTYsHWFYKy5i1O0SsSXFWE39uVkvxRzCmL1zbCdLxvdNNJGRbhA63AhrMRUfNjOcP0fMDVIRuamiuHjtq1DkFCst6NOAtTv2ewdWm3fcfxLM8Rw&sig=Cg0ArKJSzMx6jjrcu8_nEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=488&cbvp=1&cstd=478&cisv=r20231031.91986&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB6A 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1593751906968&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB6A 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1593751906968&version=m202309260101&ct=77&x=1&cor=15404768939696644000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DB6A 16 KB
12 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJG5w_EQSbhrNc_Wi_xZVPQXvhbMoXxs6J1UOQmq4Yi1NsU0U63hUlkOHc_9iCRaFVIBcDWU7gYfMd7aPWYnFVoQzDePJUkPPylYeVSHNmnzxVAxr1MHO3vopoDRLKaSjVHZ3BUfgrzoPyr3ti0zaDhe0kvPn92qYvYmD_OqMxkuDH-TQ&cry=1&dbm_d=AKAmf-BCDCJ1l_OvdGr669G7Fm8mXy1CWrdV0z3ReeiaiAGz1r9jz1IKgaoY0OlPe27kCDWhxvfj4K9E2DDN32jorU-IXdE2vrB_ODzuVqsqWgF-PTah_d4phTZ85P1JaqNF_S5Xxoa2p-vbc8d5s4R_QdG7Zx0kmplhwktb3g7d0NUzag_ZGCUCzQ9W8tVub9SpMxtS3yXHog5wOXLWh01xwTvDUL3QIGVTEmuR_u32lVY9cevC4Cmx_bTtGfH1lWFc-fsa02BEbo6tChNSBAUnZDUymwF7NQki8aLhYhyNeYklEqGh_lkhrhAL66lyPNk2fA-GBOLY7WUL0-p7gvS_3rV_ZUHfbMHu9s9BFOICeIAZbrQLCIp0p3DVaos7CQkftYiv00tTf8gSWfBrcl-BET09v_S4VSTb-S-RQWBv9VQ2mDV5FdgzEn4vac11su4QZuq25jupxLQ999mQ29E6RArPYg7unFkuHNr545dpgRMy7aYBrcuIDQoU2lP19_B5KUC3s03NmzwD8Y22DfwvMm8C_ByEg_B1oD5_52iFikWfZvG8KQMtGpEUxbKWyP9A0Ys9lDBGx8artvE-M97kWlq4bITRJa9-a_thLhbGnsxt024s5sLJxZ9j3s9B5OehzvRyPuVf_IRWyN9fAzfvxtlxsSnK2cwKbA4w66_1BMAmOiKOTl-hzykcn8q3YK_lpneP-xK6xcwEmDMH3HSkEuuWAP8l2seIzbsD6-j3_p7VvOnAPT9xQL9wBjP9dBHK-PoQJmK5FUlP7x9we73cDvscW_Tqk1JLuzAmfiVRBdkoCxfE7Xqycpn0TSlRrbsl_S2HwBkyeitMmyx9rEQEOjFigW88vOZVPmitqxRTS595mi1yrru4K4-dNO88gnPyA3gayiNd_Cv4GJF_P8LOZpCK6q3ol0VVNh3Hre-pNDHpT5PZ0W04q7qXeUWmqLQ25yEWqEdkcbTguXs_5pMik987ZlqD5CudLmJuE66pWJ77Ij1j2YoIqpcDAqiCKABA8XBC-KVlm6rLSOnbvXp_1zdK7I3SVHPPNlp_k-aJ-aXfvKZK2unwc6jtwDuznaPNen9MF2Bj_Iwl79Hs20eoCcG4BAIP2jtQ7NsvU1py7Cl25lFzZEvUh7Lbv_NJvWijcxEjYz0TdrOMDJEz0yZaAkv5F1Z2DfQE_2H7nR5T61-48oNwBnkze9BD8VCsmv2cxN06ozUjBVjiisFP6q8Ty67x6gRHV8yiC_AI0ciRKRPJ6eg2wdMIfHV8XBuwWVNcz4OioGbOtvNnnVwUonHU5JJ5kxxBcQ-QxRYwp9a85527Tf9w4nWEwibMxsCV3_oWbt5LCINfRxVraHwp0vhPDYy_xDBHjivASp-t1MAU1-4AstgNsws30KzI8PFOODPraFNZ1OD2fFd5IC9wLyQsNsWq-IxdUh4vcXojBUrwbBFJfbmnniKgpHQmWQ7apoLIHrLQQOzD8xE5pwRqmIgDAD37KBoJ6LRDruiDYb4UpKLI9ciNHwRUeRcqEdFStunjVgnyaORW5yM8gQfQ5mI5FjnPL4Omk3vHrroADWfjPiLqVIQy0W_i_aoa-Y89a6Lnhkd0xhOf2A2WFnuW7lWcldkzIBA2lg46L7sN4L6KIcXhKgBgbnD4pjhN7q6n4dNh0M9hdIAvd4hMo7m8pgFWfnev_ebJPI9tQwqjaekelM5iiTmSY8KWmS0kFy4HQkmdTBG8Tbes58orl4QHuM7DNhbOlmEfyts5WlBdVp6ylNwPYC8y9uPVf2ih8c1sPZJJzWD4RxPWxE2sdxJ_0w_7mhQ4m_fbVerOsc5F0NrILikAuAhL94FYce9X4S2yE-udygRpVFuu-toXhTFfN7oCrATWsae_RlRkrrvg8qLtyyVOqzzvvxqwfQKCiEhF3x2AZMIuPZo4EXgNvXPn6VlDCJyaImiQJYjJCcib6MBG32ymf1Y-74Pm_ADFiS53npZpAPWYr8P4605mRTP3L3FfnfwHzPDVYVblEVzNt7_du61RMNpUSNYJa9mkotVtwLnd9jTNbzMQ6r6RJO1iGRHoj04kwVkBtk9JR8dUdhFZrFTwfeI-o3lh-vUqE58GkMk8Y3nbw0pBFYFqCKpCC_mNBYXkP5akAekNjDB0tMJUtPJy4umVCiaMKIz0NwB4otGl08rRKSqc9jOjx3QiWcXqnXFVNQEzHAOUQWIp2R9JhHN_4YYzCfa_r867Qw4x4xoEM1rd7nMI0m4tGAKXTHCLcBBgQZ4sJ4iFp2_JQD6cecmr81jBJVUsnrqGQprRQQI4zivGRRGY96Xuh8aTuRUcIWMHZ8Pj8qdvInqvfdzeMK1bQcXUyl-tg2IGJj2jhV2Lc4MlTsoagr4ohItXmdqkbAKqobuBv0f_htVsP1P4kyc1CHrA6gQzmS9oa4WNPbscvKgM_H3LrqWgTgFI7spzdOByQ3nmaEg6B2FGWhvqEj_HHsyZUYhhmblSQoeNnkg4XEMUYYgHVmrk3hwoLplF7jAqAZUqTCWCL2xT48DbdcfgDEOtFbtZd5nc2QBG7PVG9kWZ_2E-cQ91o0_TMyxlAAhZI3C__aNDAczR5F-OEAdv7YEpmySPIdayFeHjAP-H56dqwE5_PDCuBxsJ3TIgkG-zU5IsSGz2rUyBl6Rm2bGaSEoAB3WGlJhFoTqn_SXamK_kbpNYHcUl72UeOReVV6kJnJMsWnoPIXgJSfI8j2DaG6uPQXFsDoNd5ursHdVbWX5iJLGrIsMAmvBXTUvdo4-ZYcxunE7ALubxRGNIorrap83WlOdS4vaF51PPcVwTJIx8ND9FvwmMyMlJIj83E8o4p07opLLRBvjL4aFDg9VAGWMgf0H5198S_sOUQZxq4mdudtXmj_U60C0z6CP9ALUiFREzQpksQ4Mlpkk-Kroa_XczGIn7fmFy-rZk1avXXQcD4HGLYIK-7-XwJLWP74fpmjkcoR-DRKyzufvq1KsmR_KF0uORPcLqNc1HpfFTv5EOlS3Q9eVDsEqzjXAb0zuI6AUVxmhr2UYfNm8izX-ehi1ad73_2uEW1DpkleGczwjTPGl5CtOxFMIe6Qjj9BwIssD8y6dOxMko_SvyN4TwkzbU5jprXlTjqGOF3IO3n43bO8unr2RhkOVmus7BWfLIHUakZ8xALwGKR6CJYAX8hd_1MPKgVfCN05ZVAVVv_zplGMDSxI5BrSg3_cmBWKkoNK7NiGN_VFa7p4K2IEzf9vLzLjFi35w_7VD0ufR_4ul_57ZTIXapXuRL6BihR0pzsTlE5Nt-9au-TOK647tVLG8NyijYxurk72k1d-N1ZKfdJxkHvvIu20kM5XQC8T-9T1fimqjoHekjcUBlXST8ninUD5agtJd6IQt8uRcEo3_uDriwONRcN8acEjOuGiaUWVsH6sp-Ga0VACH7YHtYIO6fpZS2KATjteKeZAfcNpYtDDQHXuSwIZlerVK2GZVcsKsc1TvefIEuWUKQMpBJHk2eT7iMNZX0si7ewGZwaK3RfOjTKYwN1iXuvrqCuF1g9vlncdqvF2DdsMgZJXrhPDzi3RjuTtRVzGaLWWGpqq7lWFtwgnNiLZEeilDekDzEjSN8GoMq9SCNpS-mN28RNZR8Fc2f_q2RegLNXVuSlZahzdPHda03VMs_JzNiqQiLqMameRolj2uHi7NH1LRmEqXSFaETGJApKLK9hoWLLJrlUo-k577xxAYOXbxp63tzT2OuofFOSZjBVQvuDAltyUv4kJsoxK72fMREKHHGzyVrTARwykKbHpb5edmuO55Q_9DQebSBpa1BayBvyzADLYRtXId3uNPGGYvz1sgdXxKsPjvpI7ePLOZgqyNfYaDzq_MSpypipSGw3tJmH7Pf_XOh6sKlvjPGTelV-nfbG7mbLGAJr9s7Jg1SvkV07ijlXcAhgWrO30ZE0MaE5m0ufOwWV4vsp0HmEJSOTGqDbC1rhjLxuGPgmntaCSwk_hv9NKBRvGGdFgUZAQiwPFgGV_dG2WBo-dJci_HTOyegF2M0ShGg5iJd40jU30oWwaWqQgEozsjD1As22f8xIc8CjM2x8ZkBZE116HcB_DCnfZwtqJYLy8cl85w7jEq2RCrZnlcK2A&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=15404768939696644000&adk=3037181500&idt=88&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ea257bf774f16df85dfb40b20a43908c7a3c7c45fea59600ff5fef7cd1ee5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12393
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 2510 47 KB
12 KB 85ms
28ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2451 0
0 294ms
63ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCyI-5h8AvnngGYIiHjQQWceBreXfGtNFndC59n2vxYD5bLZw8A1p4lH4ydUL6UfNj9630X39pWqkaFDHd5sVXZKg7xobTIDjYTUy-jke2MdnwOarxWq69qkQJ7weoRoqzKqsMchPi9sN1dEeQGwrUsHxBxpAfXF60-x_lar90KiaFX_9GvxwLYyxVGSNdKMztqaiB5dr1bmFhyjylbSk3Ek8M0iG1J60ds--8Rg-Tbt-4uNy5H6ktIT0ubdI9dbq_7Yf5ZdA0w9yu0dCC94izB-d66I7xde4GqXxwXcTqWfnpQ5YtNzdg3b5iH8zPamMphSoUW6pUXFKus1AN7I2GHNQGdFxPtN0PWyT5ROP-btuiqdRhaYi3Gnza_3vAeU46COcEJQC8g9yl8Q67ENkZEW_b39MlVnYz0XKSJlB63NFjhGp450XwPbUjGsOa5ROt4V5vhdSsUsYfK_bR1GIn3HEp1rKks9QZupTgy7fgcpUgxf11oDkIDc6rdkiATW407UFJU_UeChkDi0Vr8pga9gFVpKbxBNK663xpTy8M7hSVHJI2dpt1O6oLtpdc2QyArRq1fdIHWt_j4RpZ5lsK8fFESJAyfEDFFTBR_umzbInbvm9amFgs-Q_u22owo3Ah4xr9nNM9M_O95vhO2VZF6eQyO0kK164JzxYsKezW_K97zCvok3Ip8C6x5P6gzxcdlNcsg9xMNr2MF3Ay_5XsoG7NuUBhM60yO4aCYUxeDWeGHua6vPMqAvn-js3QWqtVDaR3RLA9LDpZUU9tsWbnHINeIy1pEX6mOMyq2ZI7L8RnDc7Uh0mOUa81Ny_eH2DPKHgYKJRWjHEdTwgW2RrM1tuBhxGk24fv-vBSRq_w_MYooLY-vsIxJ75DgSAClF-GyUFjFC8H_Cl281-o3YPcPyepuRO6Mxes2sj_IrypXKifue5HenOT0EMpTC0hpl4GyOqsWwi7qpGZFICAk1M-4llx1Z1scfSH4r2c7p2WU86WL8oXbLk5FvrifzXqPMh7ZlGhof6i-Xjy80cJ290dCHDHXvjWbG0XsOLxn07ItgwXSJ0FooVhjskXdB7D_Y2pIs4lqGCj0k5qiFKAW2cPP3ZuRVQXN33FEssTgxoTSwT4VkKNFNdgTeV5NA8U84QwSS72in9YomzbV0w4QqO5Ydk-GrgwKxNAVvmJjgUDPUaop_TedeNqVNefexbf74I25hWIVZeJhcJc8IpbDpvS_XHwSpwA13U1w1yfyGH1xp_7yrtzOoIArAVXVE-yCUNxyfpW-nYL0jaPlXLm1UXQ-dHZ5qE5EuIQA4MCa91V_hDznd_hCS1yGR0XbBdtUgURqqzt991E7mA4oOzD8ETYRKgwL-IgqyV4VwYNMZJ7Eb7GYTHvZFE7AISdBXkx0ekzxS7cmXhRKpNhlBwW1zb29nmBq2tBBn77DrOhRZedrPoAnxoc4TJ1DiKP-sj3ByUOirdI5GYYY5exrg9V141nBrhph2r2wOhb8IfA6jRAyfNNgsV7lTTZCw&sai=AMfl-YS3OzQlKKXDkxoYwpeRoTrjSqYwC0L0JYH5JJFDz6vQA2Vx1cjDITS769bMlCPdjrd3ZlQAQLQZ8Q_MdWx_OEhkSM3BcTyn9c4w8Qkr2V0EeBi7Z4vceq5I5HznTM95ASqcrP0USIZltGdE2zuZl3dasc3iN-dwDIbdSBb3SiRPpzu-uEuem3ScE_DyhhZkGjjWyBhmKYozQf8ceI5xVlR3I8MMKrI9cLeUeo6lw-jv-EbvFWpkE7MZwA0Ypvkw7Z1xGlHBaB_dm0oDx-RZCdYIkkUUTgIb_FsULlAYij6UIpKM5I5l5YwRbSGudsa2GX-htOBx5OwC-2wr_pfr72JuLGQEVj77LgGg9bpMvKfu_YBziDR09XJJ_ryDhQwLGzyDFhyHZtTYvirMeldSLDS87JHrClsoLiwxPrwggHV6gTH-1w&sig=Cg0ArKJSzHHDD-fBZXRzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=568&cbvp=1&cstd=561&cisv=r20231031.50786&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 88B9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmS_BL20nYnGqQIfG31wl-JCKyzrSr1MNb3enRs4F6M8VHj9064vQo1t3s1Sp9tPAxjAUwiPK7DGdpXvtNrkUSf5bPo9Ntc4_g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F989E653E744393B6B6B9AE38F7BFEF&google_push=AXcoOmS_BL20nYnGqQIfG31wl-JCKyzrSr1MNb3enRs4F6M8VHj9064vQo1t3s1Sp9tPAxjAUwiPK7DGdpXvtNr...

170 B
232 B

45ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F989E653E744393B6B6B9AE38F7BFEF&google_push=AXcoOmS_BL20nYnGqQIfG31wl-JCKyzrSr1MNb3enRs4F6M8VHj9064vQo1t3s1Sp9tPAxjAUwiPK7DGdpXvtNrkUSf5bPo9Ntc4_g

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5F989E653E744393B6B6B9AE38F7BFEF&google_push=AXcoOmS_BL20nYnGqQIfG31wl-JCKyzrSr1MNb3enRs4F6M8VHj9064vQo1t3s1Sp9tPAxjAUwiPK7DGdpXvtNrkUSf5bPo9Ntc4_g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Nov 2023 02:27:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 88B9 0
119 B 257ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMN5sPYdW-8cI3cA18nDvd4&google_cver=1&google_push=AXcoOmS6jcMceHVFqGINfd0mRly4u6Glp4vv7MMx_lj4yIlUWLieGDQU8OE66WzeLPV_X_7n78x0qQ4gHxGf96dKZeLjbBB6QlzPcA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 88B9
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQc7rNLMaAV_xLGJcCeLF0NRtWQkmnH0sQLiRngbcNpw6HMy388mO1Orpe7nVR_CemHKVRGhA905TKmSlgK...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xsMjf7zTT1wQeDzn_LBacw&google_push=AXcoOmQc7rNLMaAV_xLGJcCeLF0NRtWQkmnH0sQLiRngbcNpw6HMy388mO1Orpe7nVR_CemHKVRGhA905TKmSlgKJYzocnvY1NcYCQ

170 B
232 B

53ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xsMjf7zTT1wQeDzn_LBacw&google_push=AXcoOmQc7rNLMaAV_xLGJcCeLF0NRtWQkmnH0sQLiRngbcNpw6HMy388mO1Orpe7nVR_CemHKVRGhA905TKmSlgKJYzocnvY1NcYCQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xsMjf7zTT1wQeDzn_LBacw&google_push=AXcoOmQc7rNLMaAV_xLGJcCeLF0NRtWQkmnH0sQLiRngbcNpw6HMy388mO1Orpe7nVR_CemHKVRGhA905TKmSlgKJYzocnvY1NcYCQ
x-host: tde-deliveryengine-production-5597b7478c-7tvzx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 88B9 43 B
363 B 237ms
9ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSFhkUvLEnRSEqYie1DFegQr2LinKZiST0Wxf7q73nrnP3lHz7RBIX8qJacFJAkTlbfJRXrJJvbf9hXSbk3NU27B6WhOlTT&google_gid=CAESEI_sbMpnusdusKYAjobV8Qw&google_cver=1

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 164940
expires: Thu, 02 Nov 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 88B9 43 B
236 B 250ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmT5_yXavBTUazthWJUm3uL9462Wxe_Sr5V8A3-8pKgqj5UB2YOQhD984bO7gGLAwQJQtx5M3fqMPmxsw_HY6A7GFtkVNxXwGg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 88B9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKfOsABINCLS80XWhXQGiNM&google_cver=1&google_push=AXcoOmQzeTU_jvOkjFVfD5quMp0z1ujbdW1EQ94ZL88W550-D-aTFefb8tuh4Y3j9ZoMTeC1OEr...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HS0cwUzgtRS05TFNG&google_push=AXcoOmQzeTU_jvOkjFVfD5quMp0z1ujbdW1EQ94ZL88W550-D-aTFefb8tuh4Y3j9ZoMTeC1OErgU0Qmeju6Iu81PQzOOYJItagIHg

170 B
243 B

42ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HS0cwUzgtRS05TFNG&google_push=AXcoOmQzeTU_jvOkjFVfD5quMp0z1ujbdW1EQ94ZL88W550-D-aTFefb8tuh4Y3j9ZoMTeC1OErgU0Qmeju6Iu81PQzOOYJItagIHg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9HS0cwUzgtRS05TFNG&google_push=AXcoOmQzeTU_jvOkjFVfD5quMp0z1ujbdW1EQ94ZL88W550-D-aTFefb8tuh4Y3j9ZoMTeC1OErgU0Qmeju6Iu81PQzOOYJItagIHg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88B9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-f783e1d3-9223-451b-909f-ba8175a84914-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS6szz0Fn2l7PnX1r5X3...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw&google_hm=A_eD4dOSI0UbkJ-6gXWoSRQ

170 B
188 B

29ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw&google_hm=A_eD4dOSI0UbkJ-6gXWoSRQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS6szz0Fn2l7PnX1r5X31C278Cj_zyyff1u-1HPJgtACw0V7KHZllpaTV7HOVxtYCDUzKsT5AX05uFareCGtzvB6k6y6hgqkw&google_hm=A_eD4dOSI0UbkJ-6gXWoSRQ
date: Thu, 02 Nov 2023 02:27:01 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf783e1d39223451b909fba8175a84914003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 88B9 0
40 B 266ms
38ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFym9rQakki96Bt4rQR_Dgyfrm4lQli0pim5k_gGlBK9IFaccGyudVE-qHlQqqkcFnG0e3

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 74DD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRKZeQiqbYlVqIbWenLB-5O-D-kt7slbSPKTlQu8BG...

170 B
232 B

49ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRKZeQiqbYlVqIbWenLB-5O-D-kt7slbSPKTlQu8BGEWUIM5XRi6RND0Gx-ZvKpNCGIXgZkgWMOq_aLhL30lLjIAiE-_oti

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-066d8784b19149d32@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRKZeQiqbYlVqIbWenLB-5O-D-kt7slbSPKTlQu8BGEWUIM5XRi6RND0Gx-ZvKpNCGIXgZkgWMOq_aLhL30lLjIAiE-_oti
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 74DD 0
173 B 251ms
28ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMN5sPYdW-8cI3cA18nDvd4&google_cver=1&google_push=AXcoOmTPPovoX98okPjBxqX_haFmB9WAKuxguzZUCababFeZVaX93pZl1ga4PQsVanDV9Yqw02279M0ZMd-pz7A5IR7PmyEzZZs
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 74DD 43 B
362 B 221ms
9ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSGgvoGiE1l5A7OERPpFWPQ7hRHUEFLob7NFDs3fVUc5oa7Xmj2CBkz3XhYSNwmMAZAS3bAE2ZZF38hTKnw7OiKWhKNJwH4&google_gid=CAESEI_sbMpnusdusKYAjobV8Qw&google_cver=1

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 207860
expires: Thu, 02 Nov 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 74DD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

29ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRdPy27mKbwbSJsIsc4ZkJZw7GMirARoXnuJk903GkBRKV9RfSLWeF7lzfhJeT_y3QPedakvxFLtMyR7Xck2yn5X1-j8WLr

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRdPy27mKbwbSJsIsc4ZkJZw7GMirARoXnuJk903GkBRKV9RfSLWeF7lzfhJeT_y3QPedakvxFLtMyR7Xck2yn5X1-j8WLr
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 74DD
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG3iv6uXyIXXNjvC2opFPRw&google_cver=1&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjjV
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjj...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA3...

170 B
232 B

34ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjjV

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmS97ylWlgOZYE_aSaZDk5lXQcM-RTmqaWUcZIRZWGJpabgyYOA325LUapi9gYbI_RB_MhvYOvB4PxJpID7AL0H7VB1ZEjjV
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 74DD 0
45 B 302ms
14ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELL6K3HfJ6_y2cfGGwbXyWE&google_cver=1&google_push=AXcoOmRYpyTgX8TZ18yc31XNcmkypFN3KePTnI3xtXdOx1TgFhIFPOhi074Vnmphn-3tlponP1dDFqyKmZp2CBiZAMe03lI3CuxJ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:59 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 74DD
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4981196e-745d-4c96-bd2b-ce55678f1146&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

47ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4981196e-745d-4c96-bd2b-ce55678f1146&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSovh9x3ImaME36ggnIEm8S9MwLSnTm1KykO2zm9x5nIlAGEYD0uQKOdXnUmotL8Uki4L9RbxdllP0iaNI_qw5-MkrAfdcATQ&gdpr=${GDPR}

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=4981196e-745d-4c96-bd2b-ce55678f1146&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSovh9x3ImaME36ggnIEm8S9MwLSnTm1KykO2zm9x5nIlAGEYD0uQKOdXnUmotL8Uki4L9RbxdllP0iaNI_qw5-MkrAfdcATQ&gdpr=${GDPR}
date: Thu, 02 Nov 2023 02:27:00 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 74DD 0
49 B 250ms
39ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jee3Rdj4apjV_gR-XQUx0U9OuTAusneJKg7T_CKrpBb9x51nnAaJpyQKaC5BTuLvE84-kFtQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 397E 0
20 B 54ms
51ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6852158683786&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 397E 0
20 B 55ms
52ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6852158683786&version=m202309260101&ct=77&x=1&cor=2499934831662535000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 397E 16 KB
12 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKIOMqVtaPNRkp3uvvYAGRVLb3nlyGVQDh1-mEJ4FjfHhcJoUv4zlbQcuI5y8jl91hs5FB3Yjcx1rxxAaufAyK-wszG6wJUlaOdfdAqLeCR7b2x6qf4Hxiduz3yCsvY0bc0d_APf9Jh6vHhdCv8epWzrsWnr9X9lUtMqPA-Wkh20T4wVk&cry=1&dbm_d=AKAmf-D80i_X6tKPqB6Pw3yMGrH7lecDmLOh7KMPf7DgHU4x5O2comHwvM3V-qtGjErqIRg0fwV0lB5P2srEVHcpNRkXzT5H9lpT5Hhl_Hxf_2-bI-oCWp2NMrHvTRt4Nm8lIQPg4sfO4BhZ32rRXokxZsDDjKFL7e7R4NwpePIBeKA6j9Gkf7JjmVKnARy1aZ-h4QKBcT2opRUuUCdYBH9ugW4Gqo9oUW1yt99aBVT27AwtVd1jt-JX84Awl7gjNxxvwv9Ee9lDi7EauB5ysBGiJek2cJf7tlgtHHZ9qoBuhLjMsSAyOlD7t2SHFMI-wiS9sIGEA7hhr1sDjns0VHOBlnbyuTeMup_1OOFH1Z01sCE0H6vSpZEUg2meLLEXknA-48QM7CoYqlgr5BkTRXVgh0n5LbK9ayD8aEX_RJ7jzSq_fTSi2kaB6B2ANH9Zk6mykuRjEL9qjEyrEhDleMyZuUrltwhL3n2XxBST1nI4_if8-92mpkgeAa2-4f2AAjkB9KM0sx3Yal20k9CFFIqxip6ahaWpLA-Kfn2TmfntYjrsEh_13HfmG4kKaF0HcgLvKzsk7FjevcdmLp42KlMc5Cw0aFHbQ6EhuTIZjVofM_68h6xz4d4nDN9J87qQHM89JglxHlBycch8QRUhanaApxGPILBdRLJlnGVnfOen8jjIfxv9-9LDotQJ9JfEmgaqyBkVDc9B-7poRgUHtn6Gl6udctpPyJU1OlPBQNKWI48dQQaW6RsUJuVzCd2knWoe4ErXXEZrc93Py8ghAL8IHRTUXTBAC5pmJ8BPwQnvcSgxzXkYEGE8_9HCpEFXUmKf8qtvOAXsx8GEQ71V95p7Q154Z_aedJ8fbK9vducsaBgkHJJXKc64dVa3ZyfjeN7-3556RgZdH6TRolQL51gJzgeTTOxDSEOqta2TnYezhWSpfDB1DnfRdJmanpMA61HRuBcIrR9VRkDnZolPJZnmvFsG3iHRi_dRKnCLVTzvvcq2u11_WEiEJKgciIARMlkEZX8z6_Uk3Rs3yXcPWDUV07wRTZKZ0_iJvgVVvQfux003FYLt6Cyvbsyi-uMpy5QRfqImHr1_r5EJgToGSiQEBNGq6V7UdAzpKuIDomSJBc2bZLuDTcCAkL4PGA1KM3tWnQDq8hHXeBvPj6zwqKmqaFsZ7bogrbwVbFjrJgGTA5bbuVRYWqAgbRZUHn3Fk9dw_pHRsvk0r-oSw_oz1ZlQw-tEoJFFB_W30VisB4_cpT4lTTVPBnkqVGz_hIWZoPZkvT8rRhFNV-0fjRiHVnXQY_DuR_cPECmsXB7r9TciwVi5ycTnn-R4YWhHPh9PahUpp8XipsA57igmjpzN5C1jjufLXOAj2z2EKv1Cuc8FlV89UOzBsfoxBPOZ3hWEywg4hMhFXTBVaLZ-SIYqly58OlrvpUvR2OvWnZXgfmcnNx0mWrq6tMtktibVhbVmGUDwczHat9km1RJyJ6A72LeUfeQ5QzHeqaTgXlG4_K9SgWG9mdtS6-JPNUDElsl3kxp15jBdI0MS7wtPFwdEf8oXZhOHPo6c1qiWMq5mW99Kuz2wirCq_ZIUQOFBpggzQoOeGOOCbzeDVtlXRmBpw0WwgZPh4MBht_fIju9hfiMFfADlqy5cnl4-mNeCqD5CaGYmClcli79O5bMxS5z5u4FXUW1vIL6SaV_PiDkvJK9b0Q3WakY7FEyRDnP7xXzm-qy97ZeZOkispgVXuTI69oQq0AK7wNwSE883c7pae0nYIf9RN9c-b2_aAZ65DrTZ2cjrApvehwEqg42_lsq6ZVFjVrB_0Uoo08CPu6SSoYB9Lf1QZfv0fVe_avNwTYe7L--qzgekPrPrgaQyT3dU8Wqopx5tkk7CNh7w-R28PJ-J9xF2KNbUaIKIoYVXO6FrCLe0BAyrTFrl97qWFL6RcUyO0zJ60ENW1sgb6syAZcGPm2tMUGPbtdMxDRwm9UQp_z5hu7sRxRiIGzyODzJHNgdXxdrW8TqCmnVSWoHiH_dqRiYf1veqFUNTv3Nnx0LYyi0bDu_jWHL7kwKSsFGxlsRHC43b9EVXx6JG77l4s8-kw88a706wVjx2a5dmuLKBJSIxRGAj-ZihwbX37OqeFOLSaP0yGuhDNPX27JM-1vHvHAn9sE_e2ETsuIRXfkd9v3W7cRqKWdCwgUFXfwDzjmM5u7eFKdSHLP6K-x1EXH68aLyWeNTMViWn5QhBvWL3m0o_2WuNHVRJNSiOh75dfaO1Dpt1k3VYaDGtbZOnadsKCz5DwCboVFCgBEGl_CRtP82et9zCjJtIMlkezEKyTsHwHUEKgHJPcMqJ6X7-33Vc7JWTQVCDxWJoFhhgvYk8dLQsQgDV06yGmK1EWgGGdsEm5r3Zbhg0i7G8FuVnDboXzqqDAjs7G38SVtfExVABMtsgI0u-LRKWNMEhiMlYYN8CScW_9HCXxPqfQqoTQ4LILrygDOLuzBI9PuPYATpMMgh_tXxvxuD2BPuSaw5SI62KJq8Sdkbrxqkcz4YlF5MPoQZYZExcWrl7mX23m58U_hztHK9OkU7E4Ur9YMpq5zOQFfPntQii7mJLv-9FQudVsSzzmpJJB75AwgoMZsAoyDaur4tsx021Wzl5oBg_AW-QgzZ9jaIuaL3EgGvBAA24Tom_b7pt7U8dcuWiBiiz6ZHRahINs6440SfsqTUy_ZpDBQzvNtETrWuZYJdGdPZEypeu4o9U5sBz-iWJQMywiHrAnTr0JLFsaPxUMpi6nh9w07edTpuX7_fuhMEWMH8HIkKnuGMx-PiX64Dz2FKn_mWKh72flSVGW5xhGoRtBUZdKnJb6g1ZA0KDYMv-JL3HyDupelZFq6bOapIjM0CyS_VMfAw--ddRzPQOwSjvrqnsWkxhjimNebg63hVgXLfLczTfGkukIF72mz8VORhYWYd4Z_Z2G5h8FTMTzymNss4mHaHS4w0t3W3pZPvwMhJ_2-6JjivYYHkV5j3NmBcStcJeF7WNhte4e9xUj1ALwcV1leejxmcLY5vfubpTOXqgMmBcHiVvWJd42Z1vRvx3Ok1a8lfMhWF37xWJcRCFs87YlLLvbsHEYqc-Jegv5hL_-i-Il1EmyTuIz4K-m7NTce6ZWQgkBQoQkWhPJ80Gmp5_t903wo3XIXLWX7r2pJ4Aka1VKHPB01GdtLjOg6U3WdcTyVmh50YRIp1cVSj1QhZBpe1TSC_IZlluZOH4nVKaBq8KWhLvTQn4oT6-EXZ3-0PlDZwiuRY6slzb9k03_i-DQZ-rEQGNz2duTivMdjYTIMJrYkYXjdqgj5StFeAB_Xl9R1kPsRBbTtQjlib4IbSLaWiLH5RAPQk6N3f44gDeHwfc5h1e-5hZLv6fqY8JGRTin94opoB57Bzu_izbhQ7afEJ-ss-NrLSdelekFQOTWjONep5AXj_aKnwfPp5uqlZnmPE79p-PUZKRw94ogiKGZBvljeae5cLlCd7jqA0WsDOiPys5GFGI8n_GMk6T38cTkqYHmEMtN6pcfqUQjetX4X6YHKo4VUPvVWHEAB_wqK27fafm8rUjp9UM0iKHdcrzEXlVUb8vHrSVGR_cp0BZ5JTf5ldTuBVv4n_-kEKHLh4NYexTiUH25_2lNRp0yK7YGDnkj_Vph0Gtt0mgfseRhEtfcj-jq8HAIWcxuWgczCkI-YLU1t9WU_LdC3WHWmvBH4lus3PiNq1IQA9UiuWeYTUDaWZNWJkt30Jj35-AjmsJDpy_q6hdFXb6vx_NTjZEiu-pkZFK8sJCTHPxRWPZ4uzk0S-r5aPkDTGwQk1b_QUr_ss0bb1OmEzoeu4138wWO_L9e7gSJFbSA1IYTYDwkv4bKb16hFeLkozoPLNqOxL--YMX1Ra48rRifjbGq3W6L_Q761vofj7AU-3kKenAxHg-kG_eUQHr6vqL4myB3sapOfmDqkuEqnITXPe0jxjr4x7TrUCg3A6SZW0kmcXCgOgEKMmT8OFQruCR9dHVQiuDU25LSVy9Apy6M5pfDmyNWpbislNPMnTvgZO90ge4zGRxF6Ue6wQumr7xz_4gd12SgK7wqXpy5Hxr3VA45EDp8rmrgFmAT5ccHoUT634WPRenMsBvlA&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=2499934831662535000&adk=792902355&idt=96&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eedbb41f8dcffab689b5115d7446d9fb9df476cea4979d1d7d4b10f3942e358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A60 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6174631359969&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A60 0
20 B 52ms
51ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6174631359969&version=m202309260101&ct=77&x=1&cor=494908366874242800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0A60 19 KB
13 KB 106ms
104ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN6U_BXetvQf5cz15aXK9ZbS23wu4iDKACRbEsaIc08X-ylFnSj34LAyBWjA9ZIpEeDoQ3xV_1YO3pFqIXa4K-rWcu3J2PdEgEZSHqAzd7Lw5-sJfAU4pCp8h8gLgFFxjLxxrOq9oWInNz6hiqfVTZlozJkexdXAXmbveHejByge1i2VM&cry=1&dbm_d=AKAmf-CmD6TgPXsEgzxRz2ucSXz7Io3Gd55df82F4lqjf5YVQxHuPz_rwb41k5e-C6TSBpFdHejHYNZIj1cFgnybMPuIYhbP3dU8QZbSAeCfBmkXczNEwzKZnfUg7e3jhb9a2dSWQU1PMLoSf7nfGCw1cXNL3H6ll5ZP7rpIaI-bIrbx7NfOfAkfGKJGqcV8kkmoSU4BKUTELQLM6sLNhE9Bz7SnIlELAwDZHBCuDxSwK1jOX8dt0v5Z1bXu-6p2GwVKKLWRKssFn7_Oh6wmPJdsmuZtRGej9uPgNNQLZO7NemS2plSFRbLhPMX0QYvuRR13A7o1BVC9Zyl_JrxZNtzL8pXh7GKvHCvfZXwi_Jwk2COmCwQXqOHcG3qNbKMEmUqKpMkFlkOOU7XRdPFAY_xMRyaYmMvb1yqfzx99u7McppM070ikpR_ar81OBYYz4LfsfDXl3oLExXqiLCZO4b6DVBECKzYX5oVDURnbmav__qCi-Krh-D8kLdkS1cFg1a_phJUJZUWOGrlfd22I720m5KvHi025adBMZCoiF0lmQtFevkBG2OFPjL_bMZtADW9ON0-1o2NlaKHgj34lDvKRaheCaUTbDa7Clu6P8SiOMVSlicq5KL_yjIEdA_3U7Y5yuagBNQnSxiDJ1Lg-4frVEuEa8bRdZKpODgo-QtZtWFXt-L_g_Ljt0Qos857PTAmuEEKDUjWHqJwYw0Pk4DE15VxDjIQRHDMEP4SQl_j-lih5L_XmOF3j9V2ng2-lMtaarv9f1cnZdm-AYDkK41ipzJnnxKivVAkrhPoK2nfwRku4EG1I4pdmLDMHmPujUJL1Gsv4NyWbvC_7BvnKFBHeHFzbsqBrHs_srQ8DZIqVM-WlUhLTuNJCSLA29n_3uQqsXhKnaD9ifm7g7G7Be1MOCny41xTtHbw5ccItLEJHGOdhxL3a_5rPF838un4wdaIjbBK5iv1-O7G8rhO83ZxiYKVk3tvj2EJkXDnNetkFOl3itmhH8efwMJ11_eASg-cYFlZuOTXH4ECS1opMhyhbB8lLOt6JY4ELo_tW33-P9oHBYZ1Kmgl82KS_hAe1LBC_bf6Z37yHSyqAdnou-SKP4ZzPLNjxU5-7qZwLxeYwUB6V4TJJ-6Ppz9XIeCEcrxcLUikv2oWdiXJjUV7RiwPiLDuS6c7rnqHjSpykF6rfYUpd_IPxqw5_0G-sHoxWv-X05j77GZeYKNNCQUw-NXWN53hWApHN5Oz1jp8wSLcpZDVU1ijoPU98uafEhKCIRA31laqPKOoqXsk6tRjw83ZtEjYSSMoRkQ3w-TEaCrCXUyj2wneMjOmJDSY0OpPdkadw_IjTp_loVADgfr6ttHFL4ST0ldPnzqPAtbkK2ZX4SLK5ZckQ-4H8zVd7Qdzue5oePDepw0qnCWOBTt4-duTz60LvNSrjfHasLjg0RbgU1b07HwnExGr5ycJ6_DFywqjpZNzqj-RiVcAY33C2ITxWQvywdmUd7IGGvkdhw97jAV_30f15L3Oy6N-MgRA6G4LwrVT_Cj19_HQhUqDHk6bOvYdkljEt4XgbQFZnXrITQ797amz_VDz6bYgyovvREWC6bG601SSsgl9kBUJ0CO6OqxBc_iFb59nZVgP4HPYHAFU7s8e1KC9KTF7Bs2dic2vjo1Yz5SoIH2DSvzJ8Q2SFa06VCnd3rA2YCMRTQqRxuaT8mu51xRsGJrdPzT2XBPGwDwYbb4GFzoy247ueEISBzU_MpPq46A9u8CctGKHVKWdmYKxI6k3JA9LHoz5wzPh3IxLLGUI5b-bVgnR0VJc39xmCIhXh-vnYYcVefFSY92uMkFlR8W9O5W0cccZ782aat2s0gDe8A0pdAGxREN8plp73ZzjUlCm3oE1OXE_DY5c6QZFe3rnwxZOxVAn-m91uY2IqEOcbiU0EQfuhJcIMFzYd3LtnfroVufQTunWDd-VXCCHY42WS16ru077X7ZD5va6yr9NVnEnKzqR6QAkv6oyPQEX4cMcyPJ12fcqAo2MEpR3J3Q-FY5HCl4hx3SBzrzr2g5zKzZdet8OIazugrCoBZbMseH3uyLWNoh1ry_HmHKuwvqbi1wXGeaPJVi93U46niS-e2ZUCHIRNUkKNUHizUrouMmvuEH0y7RQKGNNsg02mn0HOdv6N937KIBu7P7uvf8tCzP0ZU2VypPkstBWfQnJfMcZ4kkSliWB6oWBZ0GJQ97nOLbicQjyfRvrfv_WynnhcstSq8apPZniqn8ytehcJijGqJTfolKwkOoyFmTe-FNAlTBOmf6N9xeqqMSJLmt3w9zUSi6duIfMOWnxCBMteesoAHCdTTtRlB15mVeOJRqOtVn7nAWBn_Ycp8mbtrMZkZcTU61gr53jGkdo00r5_3xI3O7rkvdKoqGqD1wK5zYzkbg--vJWMSBPsmaaHmnBJEGDAugOcTTauxZ6tmu_5MObkcvGeOIiy5mAXg9VM3RjFbV9Gz_I2lsYcy0f6li8cB0lT6IkrGBm497XBlS3jjC_s-pPoyH1Ge9S8KHl7YwvZ8GTPuOayoPCSdG4yIDK7cuWCBYK7_LfCYmYiZZ93PsYFBLmLDTozsCJQuqk1hfyCXsdcbvJLd2CIQQj4zM7oT8QpXbSEIRIKO1BvacNbbrm7DhRzUyBcQMwtlh-rOmk7OAjskk47B19d45G104Ps7jeaAuiU3NyW-OAqyo--unpUgMb-e8hSK8S9R6kmEzQYSS9cO0EhALInp_gGcm2gUL7aNTXTtfovWeDgYujTmjxbVDAzc0t7TUO5aCgjkkvOsFW5k159u1ugVtnCrmFSUYLAT8ElXaVkCeyDDkrW34ACObY76y9a5uEh0aMVifYyhhzyST_ISDfZlJcbTSMmnvwmN6LelPYE9VZgMHIaR2ra7JQsYJlQC_NWyJmhBf0NXMVYBVhTegLkrWLeAEJiTLryS8v0edYUjPh_HdidM2mlob8gdDVyES6I8MQmTQDJjmvvzHlw2dH1cazI8B4YEWa15ygX5RV0NnFy6xGZpXVgLnQ7rbA0ECUQWQRjr_XbTxqJVGUh6fAccx1YVFfv4L6pzrX5Pu-GdR4d6YbwaSiz2ZGLaA-GuhBxZ41LbYmMqASH6KZed89PtUgo9YaoshCjfWIyiF24wRNYXM-C6nvRhfvvjHu3HQNAH85hStNSTdYA_RNgxRwe3XudvCgqjNaWikQHe-u7U_zvACOzPT-Yc_HbYzMzOXJBO8uCR9KoV_QCEQprts-pNAJBUUXmAFtWzp0RIzkALEOcK-oEWfvKRVGkru8JFrC1gY9nGLZz9dyVPYChPD_sgwxD_dx-ByQXAfJ6qZlPvl45dNRzpQFFVR1JzylDE38T1MqPQ8U-Nie18ftrSMHYqk05A90vRJfq0RFgnNKB4dsZqbnqvdKt5-AEsX5y_qM8rfzsNXSnHkvEcw95SXE81ilfiVWJtmMDqoCJHaPXdNOZlo1JTASb5_SlxoW3U4eDFTaqvOgKYEvLCR4_u4oVbXpuT2kHcfprig_ieCHDwq_X3kzSP3wKzgVVj5vX06IsfH2SgV9At14-dCkprF_a2bhLjVFyTQiytNPsk_MZmP4rW8kI3R3fK-sJ5oNS22to3VE1BiMWozMxO1f1qsqaRZcrRJ_pRlrrUW0aOoYzHHPoUMh_P6WHtjWq2-pvB6pjQvcib7yrGMDhf55mbuIm0ucOt0TEKVNZMc2i2Lt9vlzbklYuhiKw0Z-srgxlEvReUaJczSuoyKqqEhtbLyIq-NflzD__JfVurP30z7UJMf5d3sIc-Y7UAPz2jhpmfUcgUdhxaZnjVzlJPzUEqblQvJfFumUYMXSZMFNZ4qTG1l0WStA4C8EwKCwQNLCGvSlSAlP6Arx74hUIiBPC364eMKUst4CiuXonwpZjQYA51huRu_vCg8PjHsO5nqiQPfq4knU2f_bp3XCD-nUG8_pT0HpVtzFJeJ2qjXIjFayf9IMJEInF7qx7vI2ghI_CxcSt-vSb4o352Fc1bu1fNqp5hTbltbnvulsJ8UHkTWHnoFGC08wOx3SXEukAKfrzlbUZ4OCzTckhgaZpsQBFThRtAMMIxCnninkrDgjYK9kmSMtApaBb5g&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=494908366874242800&adk=2004672170&idt=90&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbbc566b94ebfff6dc1c55205e20a3049f95d40f8d6642b362b2e15d0b602ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13564
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame FDB4 47 KB
12 KB 127ms
71ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 788F 0
0 263ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjHCpSGniLu8RMXRTrgcxmx_RUBR1PpAzqS5eYTUfxnexwohZW1Btz3G-3nAG5yxq0laXdL2KKl-mRWY5ERlEncY-iiwts8mN2CXdz8wvIXn0-4ciiHoOPPUxIv-p8pluPy4vrtMvWGPeCSFE1xnpNU-jT40d9N4rmfg8BnmyicHJlQBCcLVU8UMQs2flPWjp9FGBbIM_YJnvhGljhcKdvRW8sApI4grpmpneu3Y8VfM-MeqeohWbtL3lYwhwhEYa0Kh3x8j1OQRhoEUSS-DIVCu_KoTayj1aqetU7b1hjGpPbCsiVBze_iv_AbhQnzRWHZiQdkDfXE71xxYr6gwW6eeymdibZ7xDig3PE83UauKDeWFVrdrkBqg2u4Z2sWFbzUV0xlEZOsZLsJv5xNr3k0T17nUrcpWfmbS0i3XFN6ZQQcYapFYoE3IthfVsh0UTc-Wc11wS1L_TGH4e6SO9k0SXnRaZSJEcq5Kc1OozQNzXvJszr4bkAKJE9HsOlZ3btG1I3_xe8eOUVQIVWfYsPCw8lmYi_MH2RyMTU2HE7fFHCA3acqhztGTyOpq-oBZpasepBiDrT1pgmjSggLKNcehmy42dUhZN8MkiZeLA9b8jNQb5piObeyVtGq6aZlWx82LuJaEzBy1dL_ZHgqh6ti3FdmhiTHWMBE84Gxvx56Sty85qMCLrRx7DpFJgXtQ3U3DJAsQL63x_M-_oYrHDbWn-xLjeMCRw9eoQFHG549IMXQi4qFHUPcXMa4Ow_7rT1auSenoiC2X_g5QsABBOJuymKfN4YLDxz7eavtCDgOaUdDOoUrnvBG8QeB30-Vq3C3CyHs1-wqWeWO5p08fn9j1r6v6J5z1VI6TzXE2oCosdaZIDp8p61jIht6-loXEE14CIMd3WsgvWwupSYxW5StQtmyJ3ip1FZQVfP4dTAvzSNZIwImjaUV1b5VrYHnwGvpn8PY0ItU9vqcuL6b1aNJuU_PV9VsFBSMZB2FGuzTcKf18TnK7DaZBKotm6GfT1ury1XgFuUS4N912ypfLGOAQIeF0365QQSNmcR7rgk8jNOewQgvE2sH05jMNcrk-zMtTo36XkP_XbfRT3ahHxcsI7YBlzGC4cKXVHls9ViGItBvAXhCsuEjVK90YkYJmtVLpV5RJ22I3_bQMLKBVhRvA09yA1pf741hl25GpwSI0yimLB0ZjiO_jkHEF_5pr-X4o90t_MQKEh3tQv6Mzc3ceFIk-F-v04Tfm5-TX2O2Ys0rh-N9IhU_r_HyT0SAfDNwpzwyEEz6fG6hDUEkQW6grunFaOivl6xwIsR7fAcd3E_OqmklzGS6nvGranfHl0VC8D4pcq9qgmZ6JUo04KaHB8ClNFlbKt7vM7e9AxfGaQva0xobDhb4UyhB0CBe3xMDgF4CpVXhHty7-lAMpTCR1aX-nEfXvmgrgy60SuEXbKlRFSNDrD5wg9VrvKQGjzdQMI8IxhVg5VsK4RIVzpzaLhFAklAKM8f0Mh-StGrOgUHm-cgULUknA&sai=AMfl-YQVOsAZzIU-HmZp2tT5Kpx1n1LsdOw8mB5CQ9olLnd0AGqntKd5Hu0cW9zCn80VAXkSUrTXhJsMjON6-n-Sf0Vb1Lnv7hQt-4ODKTXh5cnfxOl_OjMUIbjft5sVpADnnEhTdvGoBcDG87x4O4nrboHWLgF4R08foh61Q4SyZWfugmKLSSFu7lnSOVYWHztMJ49EuTe4fjgATXArQMOmOoQFHGgGKLwEASe3tEwi52v9HHDWuAHGl-goCWKERMXU_U_neuD1BKpxhvZQHlFgJnuNqP9Z8jp80L5ROYa6BLXsILGYs7rMF6fdoerChxysymcef2_tVTdCOLmphbSrUHcW3xBKuo16UUJk_KovrwpqCWX9Euu8WTizwR3ZGTzIYg1ll1cSYeRVO7L_YwFxntJ3pfqNkFXeUVdHiZGSlF7WvdNGJQ&sig=Cg0ArKJSzNUsssrOSPVaEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=509&cbvp=1&cstd=502&cisv=r20231031.70065&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 1948 47 KB
12 KB 81ms
26ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EC6 0
0 252ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7pV8DDZiyGnQt7ELlD9I0WRNz1U0BuRfl77Fi9JjEDVjcajNQeaNRkkPvDROm990Dqp24Xi--kOASZ1r_zrNMQK6uivbiTMiNLOC5Eg6KcEKc87tMRy5kO87JjZJwQpqri_tR1MX6mhkTNVU19zPjSL_ZqoCHfeFmqY5FYf8l7WW1dmkVf50VxdVX1hd_yvviTiIGdJicgqFgHPRAjJSSdwSb8RyR50sWediPiq_Z3wazRk40QGFJKo4YX6DCDxbXrcndCDllEYf9qyFMGSigeHobJCLR0qYtRuzJetxtWUWOUYpjv8NgcFU0VQ5s8LxriPb_nYwsYkytLm4_7cUqjlFIk0JHfUtfmrjRGhpNnznnkq1p6gtveyrTRZ3aN94tEsINKoDYFFjRuKVa84XCweR8F9zx2R1WugAAVXOD69A7y8RffTlp_nhl2UJz7jeRLVLRomG9YNcrJlCjG-Yydmlu3dG-gZQsY2YHVu102d9Omn8n27bnOY1DyPkZQEvitvvf0WvTLkpNUKycoF0RZAHfKTLDV9PHGQ9Y3xK6J1IhZ57Xa5X_WZ_gfDoAgi5TnB-6rXqQoDAyA1vK15pOWhz21ZHHk4Iy7YQxJhWqn6ROdGcnAKAxpRnBgI0LRYptb-qBHZw4h9ONDTp2rzwrqvdeTE0GegShMzOlTiqt6G-8r3TxutEmij9UvScAhg0dD_xEDsNHWi4HfFRglbk6yB8aphoWVIuK2WloQYUCB7i4uIUru0bhSdLr4FzVtCqjgUvth5Sskyui97NSyOJT-W5agqmfU1xdrMIKyGHIVPlxG5nhHSGkPptmvivMzGLomYZwalbXAsUD8IBGnrM3q_tWGhn-dGoSLkxo4Aif5RH6TzrJqc1n1h0tv2WQTpc4D3WkL_WvnQJR45Dfo3NptIETBh6oVwO2ur_22s8IOBcw-AVg4W6mo76PgOV8PGHQq2lTxKQc2ONtF7JILujpkLJ33MJoYJZlJXd7rvlO2_az-P0di1GxtLYwDlMCZ5Pdk1FxKmRB3vMrp3E9pdIe5REeaBIkUACyCSlejLE6qW-s-awGKovMUQY9ae6rtx19d6pT71gP_BLBLJetCuHRUAEQlqMFGS-LMTn7g5Yi-XQMXCmTv0uH1aiMcjdk-2khPz-HQg48o3lbqlG1E-cI2waQDaREdKV2IzEYZw2aX5gvDG3tEpjrq5oi5bqI0USLjuN7BcSoAGpEVoCUmReKitOSM3jlXTR21EH52xkEUhiSE47yR6y9lM1cOt4D28jKfdyWmrg7VMfzbKBBh4XupZ900WKbThZSzZoYWajHV4DOfU7dTM3xTlQU6xzZ9L9vIAlgaqHrYSXxB4oWrsEjC7vDljVbHnz3Me5D8JNuB5BQUigtMb6BTCjVS93Fj62DwAvuwMLO8A-hLCVYJ_cdoobuNCNqDOnv2TavkT3Us1MFbh38Ie_NsGZGvB_Ww-rTKKQqqWdM9qOli5VZ_FCsMLiI5f1A9FtFEL117hejnyFJdQVQPKZyqw&sai=AMfl-YTZuZt606Ata0AMIOUgsXOJu8AYwNCu8L0bRAvnkF267rBBa0ClrdaN2IrWa6VxJ4LfOyYMe9OSRRhPCd4MV0ERU42j0g1fnzYcTnpKubHhdpjCPqJdhu26rXjGwEbNvOS752NqspaMUnZbSg3RPpmcoPikH97sLHrUZp3w2cvZ3EDPphgnF5LbRlL273iekHIzB9muE9PYSKfp-Vw2FZ60fyfAobv-wGBrDEvUOhtypoKnihY1O4YYyu0Tr-fb-wnu6lAgFQp45y5SPB4jj7SK6zJs8_K-bhGL8Ddq4XsdWK2uvVV0aICdONU3W3xg7GPIc0l5chcGy1OwlNSAb_VerFRS9YL5CmR5wXgDL4Y7uydrBUdmCjzKiL8iR0lOl0y6eRKbkvmxRbztbya4ges34zvuPqWaSW12MUJe6Dqe7qzibQ&sig=Cg0ArKJSzLlzhhmJZ2a-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=493&cbvp=1&cstd=486&cisv=r20231031.71926&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CFF6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSyFm-jA7iTPiQp-StDtCtDIaety12Hf_RMjMMjvwQ...

170 B
232 B

33ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSyFm-jA7iTPiQp-StDtCtDIaety12Hf_RMjMMjvwQDiZf5QJCFOfHpih8eyjQCuUDuaLdpSgnNtKu2rWiE-PfP1LcrksysbQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0273dffb27b62012f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSyFm-jA7iTPiQp-StDtCtDIaety12Hf_RMjMMjvwQDiZf5QJCFOfHpih8eyjQCuUDuaLdpSgnNtKu2rWiE-PfP1LcrksysbQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFF6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE0mRcRsg

170 B
188 B

36ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE0mRcRsg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQ1bIqeYWKc5c9f3kfYw_n_cykkzkoYEMAHVvkxOo0QNAYAjWE1ky65Lz_Z9ncWaNj6S9TqYSGkp7aAxIzICmmm2yE0mRcRsg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CFF6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nui6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA5OTg1MTQ1MzcwMjY0NDM4Nw&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nu...

170 B
188 B

33ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA5OTg1MTQ1MzcwMjY0NDM4Nw&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nui6cHFIvkVEjiXPyGS0_KJyXA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA5OTg1MTQ1MzcwMjY0NDM4Nw&google_push=AXcoOmTd6lrmGm-BV82MSJlE5Ug2Gk6vx0PNTTRpc-wQgcTdpYpP-Wxv-5tKKWWFUhpxzT9GPwn3nui6cHFIvkVEjiXPyGS0_KJyXA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame CFF6 43 B
94 B 208ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmSTV0erUHnzem86g8OEiF9s7j2icmOu1Zj1mkI_DkJoTh6Fi9GDkiRSVPcUfAHN_W0BcK2fVrhw2YxW4SRlNBD1-gyWNuWVxw
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame CFF6 0
236 B 225ms
40ms Image
text/plain 2600:9000:211e:8200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHXe7iVJ5tWDbwEWzPQQABo&google_cver=1&google_push=AXcoOmSVTKexelngVJZl1hYWuKQ-8-Npmz9_7leY4P3_xs48VQTpt22pdTapx9FB93KnkGh4nVzjIjEx96DFI6M6sE7AQgpHOFZUiw
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: no-cache, must-revalidate
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: n6EeNieRkdSJteLPDYMPCMh_fBOCJ3Kh-8oQzGyNdUIimIwp7taZcg==
x-cache: Miss from cloudfront

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame CFF6 0
44 B 276ms
14ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELL6K3HfJ6_y2cfGGwbXyWE&google_cver=1&google_push=AXcoOmS01ha7iFC33JrJ9iUxqMsG9lLNOIaQnSjac4-tb8Tj0rKiHtCAh1spPiJ7vnsdZbzz9QpHSSCh8_nwVNDVCujv6tnXwZy1xw
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CFF6
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

50ms
28ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT5XmH9-yBrSqPFCJcF5y5ggk2TSU2931MEMie_k62IRGn66nAmH8s25ELcH8F_QBMwGOg8dtr0z9byRy5b26qWWrDxit8D9Q&gdpr=${GDPR}

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT5XmH9-yBrSqPFCJcF5y5ggk2TSU2931MEMie_k62IRGn66nAmH8s25ELcH8F_QBMwGOg8dtr0z9byRy5b26qWWrDxit8D9Q&gdpr=${GDPR}
date: Thu, 02 Nov 2023 02:27:00 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CFF6 0
40 B 217ms
39ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6cBSCxCqHakP36phzndstwYpyjaAl3nYVOOVTUnLYlB77vanPxar3opQ6rm-hdozLcOsBBg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B007
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1&google_push=AXcoOmTRAHznQKj2LXsdnIrZprXBGkP2JeeGblIueepNNOgjcYR9OX9NVlO4PKYSauYijhDn789F3lKYNc1ZIHxc6xsmUWGSiA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc4Njg5MDU4NDE5NjMzNDUwMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1

43 B
398 B

50ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B007
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSncKSmRwUbt3q8-BVAdwGuLUkCUSE7YwJucMpL-M9...

170 B
232 B

33ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSncKSmRwUbt3q8-BVAdwGuLUkCUSE7YwJucMpL-M9prE3MUFCByc91ND_IWC1yS1rUpxVeFA9Y8ByVpIU2RFEGmglJtw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0237fe7a9d585a71c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmSncKSmRwUbt3q8-BVAdwGuLUkCUSE7YwJucMpL-M9prE3MUFCByc91ND_IWC1yS1rUpxVeFA9Y8ByVpIU2RFEGmglJtw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B007
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmRkN4k5VldLjg8jtiikoF38fKiRNo6UK0wHlMRwb-JcA8yc_gqgYQYOao3QRif-MJA9lm2nb6iwsN1h-NKolGKAOfE1NjY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B507E8D3FD6A44EE93AB25C48A08F6B0&google_push=AXcoOmRkN4k5VldLjg8jtiikoF38fKiRNo6UK0wHlMRwb-JcA8yc_gqgYQYOao3QRif-MJA9lm2nb6iwsN1h-NK...

170 B
232 B

46ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B507E8D3FD6A44EE93AB25C48A08F6B0&google_push=AXcoOmRkN4k5VldLjg8jtiikoF38fKiRNo6UK0wHlMRwb-JcA8yc_gqgYQYOao3QRif-MJA9lm2nb6iwsN1h-NKolGKAOfE1NjY

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B507E8D3FD6A44EE93AB25C48A08F6B0&google_push=AXcoOmRkN4k5VldLjg8jtiikoF38fKiRNo6UK0wHlMRwb-JcA8yc_gqgYQYOao3QRif-MJA9lm2nb6iwsN1h-NKolGKAOfE1NjY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Nov 2023 02:27:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B007
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmTzii5c7Mjp_MrvzCS1QXW8zBr-NF0yzAI4AkXb3T3-JHruIzupypsX1mFIn_aaL0agY6lMcaQZvDwJsCow...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmTzii5c7Mjp_MrvzCS1QXW8zBr-NF0yzAI4AkXb3T3-JHruIzupypsX1mFIn_aaL0agY6lMcaQZvDwJsCowhwfOk_diDG8

170 B
232 B

58ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmTzii5c7Mjp_MrvzCS1QXW8zBr-NF0yzAI4AkXb3T3-JHruIzupypsX1mFIn_aaL0agY6lMcaQZvDwJsCowhwfOk_diDG8

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmTzii5c7Mjp_MrvzCS1QXW8zBr-NF0yzAI4AkXb3T3-JHruIzupypsX1mFIn_aaL0agY6lMcaQZvDwJsCowhwfOk_diDG8
x-host: tde-deliveryengine-production-5597b7478c-xf86k
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B007 43 B
362 B 187ms
10ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTZjiAxqiYof4g6ebsTrylFLK1CKkVGSW5cqX5ADfXi7tctATn7_RuSEvOw_GB6esMarFglCC53bjVbHCeairlaUurucLM&google_gid=CAESEI_sbMpnusdusKYAjobV8Qw&google_cver=1

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 194736
expires: Thu, 02 Nov 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B007
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NOj5z4JTQbqEpOUYCfgJJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

28ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NOj5z4JTQbqEpOUYCfgJJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQO-Y4pow4h46ST0terNlK4c9t-SoasLETr8jdJMuTpl4TPLrPgDvC1euxOT9AS7V8ZNAUPVOTyDXdqje5Zj5XNM3BjvRA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NOj5z4JTQbqEpOUYCfgJJg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQO-Y4pow4h46ST0terNlK4c9t-SoasLETr8jdJMuTpl4TPLrPgDvC1euxOT9AS7V8ZNAUPVOTyDXdqje5Zj5XNM3BjvRA
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B007
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG3iv6uXyIXXNjvC2opFPRw&google_cver=1&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxC...

170 B
232 B

51ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyNDAxNjUzODA4NzUxODkyODYwNA%3D%3D&google_push=AXcoOmRzxb7GT6-CYhS6-glBU79R0NQRn3J7vvKS9s3WRiNqWvYfJdxCOsG9ajT04SDkTf1yJD0-2-I-9B-3rL04hAWnIcSfSp4
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B007 0
49 B 216ms
40ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iy5fM6RK1_fCywDvO8J1BhSrRoKkTpTbYP1hFJD3q8EufN2VZzm_QfZJti0fW-z2OeU2GP

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E02D 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2877165724633&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E02D 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2877165724633&version=m202309260101&ct=77&x=1&cor=13056785798845594000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E02D 16 KB
12 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbIr8mHdVmXiUAZtOXCCoeNRLofaf9iVbCDmkHYL_prnsauCu3vfiAK1qu37qaeJD6qHjxm635SSwlQ-HfvL0_L-71-VKehKK881_Ji097vyblkgVLFES7iSrY9jSEuP91qFNIkd2euA9mGh7Z6AUrpa0oWtIE32spfm_yOVXr5coeYlc&cry=1&dbm_d=AKAmf-Dmr3p6dmamJ6TI4X36n9GbNJ01hDinLA4GUt3VkZUPL1jaFvhlIyoI9847ItF9Vp7sAOlskkHliV8rCwJc8qZaBVZog_d_b0p8K5hmI0iwfRAop4X0bTRPi4FgJxL2-aE-4NeSGHyMjXte9OQlFZ1SjlitV_3Z7693FztjzOd3RQ0TMCPKIW032yBAlBonxogCDYY26XwPc950TozNYzJiDCfu5ffiGGXjyyh_PUj1VOr5HixOrCfMuRv4PQhSi0YfZn-J_fGAwA-Y52ouwtVj8-FRHS-ywhbfVH23Xvqw_-lh0xaR6GL565tlnHc3J74CtKTSXx2JGw9eQ1f9p4thzxj0C47TZF74AmbIlwxTL9NReRViK0855l7w1OSJxxe1Zj8XLAuurZ5Bw_GkFDdgUuB-G_PiBwMbi4pEIgvTQYKmz5zFmi8kGrw2BANUWAu79AdwDS7LfibLCWwEON6P1Yloyd9gktsqNdSQ717SxN-6m11iNs1PtUKSi7601BvtAsZ53SUgubtSZAc-6oCWWTr6XdzXWs3qb7M9ysoIVQVdm2SQvoN9bv_pg9DNVB9SX3m66JshgBY4qm45LyDGblHllm_z8eFIrYvIWygCLtzZ4VEHKSTd2k9x8SG4OsnEhTxG-bX0ZziC37bDpvT8h0FxiDfSlH1tK-uw-oMXo213etYJlqyRHybLF-lgEBs-aaS7mqrJ4GqrbqF5l1GBbT9CRyYOa5qpjKsnRQD8QtpK0evkvTSIMcfeZFbak1vVejOh7BqEFT832gkfLI_eNp1fV6HHqVLWzsEyCpTdH-hBEi-EE_LBte0GcunPK_Aubu6iIMseqPumSHcAI_Ru58L1tw56qFIPh3vxB5dKvaTjl2C-EnOPEl7gmYMHkFO-pVCxFgVXCwW8INtlIpiUzJU_XURL0ldBFjCUJe7BLddY3LsR7sm4tn8TWm3UCU0GtRH64Dqtu2b098uJkTw_o9pJjEwSAayelTq0USgULYwbLTkbVGonwRexjpKVOyNSn0QmZ6PIKhz5MzSymjshv6nbQZ88rGd5MnpVscI4tXJRoPRlH9irkqupXqSj1QI54qGj4Vx6Msb7kGDasX_QKIPnTTS46Kp7NAYYFIfFHSzz5yvEm5s_Ffx3v-HJLlyY1mcDglED2tPToA6y9Ev9KiFevzGTAyr79xymV46hLt7JMK6wNR-_QFrFHhJ6Ds1_p6kGGBRjE8LHXSW5h4N9mH2TGC2rqRlDz5R5KtJZ12s0WFSZLKtkwlNPUJGOjWfjNQvd4_wnTsQ5ayP6Qp8B9GFE8DThfvyyJa8n5_A8tWNiOu2WkG4k6kKVTgHnrijDsRlvdJ4vcDfyQo6QZXnFkmR2V9UW7BKJdQQKr6pN0bB0gc_G78dvX3hE-USDvMwU3kJp0vzG4oMf3gOyqeFYosXr5zDihH0rFy62xOD_qVNspPiJbJHqxFN8wh2azdvcgH6dBbeDbt3NQV9rcb7lD7bqJJx3BG_xeXAPDqc_QRUmnqzX0GmsWBMT8hx8D1O8LE03SWiZkk-u9pkhk_KaS_oDOiWXsA-rRlVf3QZc2RYGKmVrpkuNoJti5WmsBFjRl2pV3SgyOQYZ9BeLPu0YW3X7fes-kztmlG1pjrDaRt6g88PH2wIY3VyEn1zf8ueRbBbM8CcSOA7FVUhEh5Y4UGnEau8WfrCHEZOZme4vA7j9ALErd76yXnythnVghUyRDqz_cikt4QFCpL--FbGW-k5QZ-F83ekNFW1imh7Pr4pcDgyrW62Xc8S0nRbfk-DG5zBTht8hT_KWvwMQrASaLNjV1uSFSmge7t3Wo6-jPVZ5z3bkxGq8ADsaYF4Jla9mq-UILuj3iQIzkED97NXMD6zlHjuI3NraSYdCeyKIJrbHu7gPmLatREvck3iFeXmu2PCsbaEpnHIyQ2t9mCzq4UIWiRhhFo6pHszN4f0unG6Fy5eaIrUSKWTTZEpqIJWgMai2z2Wst_TaYE7gNDRYmF6hdwMofRIiMr6ZCJycftJOatIMrcYhugQ3jKiPCM_Zb2X655ZTH6sAglk2HPa1vkEd4AJN7KGUiGkHv4_XyvgRAebC1MG2su6qJtQiE2yl-hKt203B9zaPcqI5FZpbiHIZekBz5laHWhkQb-jKU5C8NERj4y_wgnJZDdHZq54V5knSE1ZQ1HNJyy792ho2l0IoZYXaHrz1Pq3B7wxxZQXkvhpA20Gdp9tvXAYqh05BOXbb040S6HcO2Xjp4vsEGpYjdHfyhL6oCCbogMKOqcegsNAiaRR3rqjjCqHIOn1Z4mfOsUGWVBnfgUmczM6W85vUOr0czrDjdNTeRU7NkG7BTkOn9uX76jx_MhHWaekABjvZjPeepzd68WzJ2ftB20hxykMy_L25nQD7Gt75WHFUBkMxkqpVO3aomS4WBHXTOBK49CQJ6MS-aEVrAT4nE92xk3qpe1YBjcR3PnIgNIzglhLVK-V_0Mb-70oehBtIs6Lwj5GH46sIIDn460acZaA9AQ5weI5E9BsdDxbvsi3wtjFRPTrKo4j_5hpa6zfc1bjHi9jQwjoeugkUHdcPDnH_bM1XUDoZKj4aCm6uMYueWDItZJgZcIdwK8B-6iOTKH49PwEkzoZGTL9L2D_sct89P0sjm5uyhhRwP-HZuRMTQ8tKpqAxeqx7nKCDeLy_6pCvSCdFVTuxEjOm8H3GnHrs0l5ElBu2c48m2VqbsQgE-oxOakrzHtgYOnRPm55l5z-6HNfs25L8meYg9Tmlx3r-2FI7XJO5aJeM98MecGiu4RWOfhAv7GHf3PNOkKCjbcRPnUMqHhhymKCUWCQ8hiJselOGsY_vTEwNc1szzcDTscOIxhDC65XksrEHpKGinEefCBOz0X1J4WcQ9tP0JeKHhdxKPVmlCAchVOe111EF89JwofnHE9QueLRgX2TuiZF5EzkhGAenVVi3jKz6HdXyT3EvsDbtRqSXN8iKP14YAq7Zvee14jJDwfGY0z8wGmVxOmO0W62m21hAODjyVVAfm1oYSrF9_5c_hmh3sI-qJe6Kt5hyGZDLNYkIV_Bm1-fjmFd4hbOTGoszN49Bgl86--RC0UwKFw4qkwHjd4jBAW6Fod1DoHJY8uSZi4QS9H96mWg_4F7glaXn17oAMXnqMu0GQxM0PN01HZ0t_cTcy_dEfbzA0kx9dd2bGt8kvsAbhG3wvNYd9cRBNAUIQDAMZ2RLvsdmF_XSUhzyvm-o15HOGLAEa5LA6sM0okeEgRyBMKSLFAUjwroTNJ4i7K5wOQPvia4xYBUQp1oj5wQpM42TNGlUUII6GPvOsRBjeJMb11PUVx7p3Gp_2zDUR5QtSzlWjy-rh4MeE5UFJf99LEQZz0CCLbrEwCXUWowLsvEaNNG_D4ZcpipStcQdsTbLYi7k1j48rSET9K_aKKeUsxmWtH2EDZIsP2dLJ_zQk0N_l8tXKmlvuh5RsrZLYMbv9-y4QLMdj0fdPVLVAp0bPEEgR72o9qBY7Z-7z9zX2H-aXtbi6V3LJ6YmieXdy_V6G1a4j4A-mmyMSBFOTgXFpu2dhHd9qDVN1bdW4oLBcXz5ki-W5n8JJfwnNKdApsaeVJS91yBgziO3d-kammdrsx0eHWVYXTrwoSuPORK_rlUYXLersRdFy1L1cglDgNxfKb1T2NqOg3oVtbDKXKT_sBPfXalW6IiM7u1B8Etf3fIn8gTL7d16zhzLCUMkvDEwis6eZOhybX2X7zgnZwb4jj2TffVXuNVu0-sDtz4FZ0ZswFvyxUdT4qWIxIHtYXwDgdAmz9LdeJiPESaiH-kEvLGJ10_RLht9-omdT6Cv7o5NvFC-zSSnM4GQydxFpynzlffdrNWj0j6-LK4KjSf7sDa3xzUKDibDPXZjOtZ9b_oDTBGYwA7Qqw8qUFmle_uQqk5gV6n7l1rNvXRBYzX_qSarpkLE4XuIV8epM2DF5rw9RgTkp1QdZs01rVIU-pnTI-Nj0qmEGl12HdcgmeDqnFcPLWQKi_wQHyOwOskdmer6bO57h1WRWosGYfdAh7qXOvT9Z1KpodNk53mki0FcwO-Ts5Rh_maAnKqCr4RlBKglQZjUm-Nf3nRfGzT30UlcsQ&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=13056785798845594000&adk=2265872549&idt=92&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01a343b1f563cd8e88b26f9306f8ede3c1579e07460dfa7ea0f9d8752b080a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12600
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE9B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmSiTmz8rnsp7xeE-LNMIczg65hD8BJ31f6SaURZrYgXSfF8N_7nOS...

170 B
188 B

33ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmSiTmz8rnsp7xeE-LNMIczg65hD8BJ31f6SaURZrYgXSfF8N_7nOS0CohdFinrP1fMEC3yD8C4FUTjRLyZ3ikVAJxW8BIXG

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230139-FRA
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698892021.735212,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_push=AXcoOmSiTmz8rnsp7xeE-LNMIczg65hD8BJ31f6SaURZrYgXSfF8N_7nOS0CohdFinrP1fMEC3yD8C4FUTjRLyZ3ikVAJxW8BIXG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FE9B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmSB9jqWbornHSxvAwEhGcBgdQNh7qnysh23KAxUUcBVurKrduaaSlknCTtnQJzFV_8zaXxzD9nenqMJIIdq58J5BLJlLkBYbA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmSB9jqWbornHSxvAwEhGcBgdQNh7qnysh23KAxUUcBVurKrduaaSlknCTtnQJzFV_8zaXxzD9nenqMJIId...

170 B
232 B

55ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmSB9jqWbornHSxvAwEhGcBgdQNh7qnysh23KAxUUcBVurKrduaaSlknCTtnQJzFV_8zaXxzD9nenqMJIIdq58J5BLJlLkBYbA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmSB9jqWbornHSxvAwEhGcBgdQNh7qnysh23KAxUUcBVurKrduaaSlknCTtnQJzFV_8zaXxzD9nenqMJIIdq58J5BLJlLkBYbA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Nov 2023 02:27:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FE9B
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmSD5uItQI4LVrrvOiqX0spA0yOG8aObTr_BfshxxJkgvxVqxpw92WRc8rKOzFnUIf0EhRF4vAGdtrApza9b...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vD2ZGZ4vSEcyqD_7GBd9Ug&google_push=AXcoOmSD5uItQI4LVrrvOiqX0spA0yOG8aObTr_BfshxxJkgvxVqxpw92WRc8rKOzFnUIf0EhRF4vAGdtrApza9b7Lj9vXx-MclRaw

170 B
232 B

52ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vD2ZGZ4vSEcyqD_7GBd9Ug&google_push=AXcoOmSD5uItQI4LVrrvOiqX0spA0yOG8aObTr_BfshxxJkgvxVqxpw92WRc8rKOzFnUIf0EhRF4vAGdtrApza9b7Lj9vXx-MclRaw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=vD2ZGZ4vSEcyqD_7GBd9Ug&google_push=AXcoOmSD5uItQI4LVrrvOiqX0spA0yOG8aObTr_BfshxxJkgvxVqxpw92WRc8rKOzFnUIf0EhRF4vAGdtrApza9b7Lj9vXx-MclRaw
x-host: tde-deliveryengine-production-5597b7478c-7tvzx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FE9B 43 B
362 B 176ms
10ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS9nmnaMj6jDoXn3fH4s1AKGXORsqFeC0oTRqF12VUNk_rJ1s98JaX_HKKC-zyKUNbK9Y0nXK8Ju-2nuurFVmCPUyz82Ap-&google_gid=CAESEI_sbMpnusdusKYAjobV8Qw&google_cver=1

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:59 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 192080
expires: Thu, 02 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE9B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMSQ7...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0Njg4NDIxMDA4ODk1OTk0OA&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMS...

170 B
188 B

33ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0Njg4NDIxMDA4ODk1OTk0OA&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMSQ74z2MlZubwMyUbWezvgZoDQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0Njg4NDIxMDA4ODk1OTk0OA&google_push=AXcoOmSTTw6HIJtdk6hWKXvQ0OKMAxay1vpM041QH-yRC_M3A6_0keVIWM7WSmcZcoC31h2oCCJvMSQ74z2MlZubwMyUbWezvgZoDQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame FE9B 43 B
94 B 191ms
24ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmR5ZQY-QY71rBJxL-UZCSAtrmuqalQWpJp9SMSeo2PpZKV1ZawNCQOATE2ZL9tP-_1jTR-NCTIaVEnhLdbZM1b5Xb8xjIZYbg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE9B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTQ0_f7xA6OBohlTgtaX-m8m925ManFk...

170 B
188 B

34ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTQ0_f7xA6OBohlTgtaX-m8m925ManFkRuXa5ZNoAPp47dmrb0tJfF3M1iDwXCUGgysc7Ppd4cZxioI6uGswKN0eBmahtiz

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5OH6GfVkI5xEUNDjta5Fl4P21GrIwlW8EfMR%2FAtrEeX5LCx4jIbxdsNoyMnCj%2FC2etNOYaegO8n9SFkWtovEr0cVED8lMRIXSRyaAYUA%2FNwDGG9Ol41iAVkBLnK4To9eqFHmGFFI3hv%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGGdeDUeO9Zp8nPcQTOpPqE&google_hm=ZUMI9BC7UZX9RxHRzjNdoQAAFBYAAAIB&google_nid=index&google_push=AXcoOmTQ0_f7xA6OBohlTgtaX-m8m925ManFkRuXa5ZNoAPp47dmrb0tJfF3M1iDwXCUGgysc7Ppd4cZxioI6uGswKN0eBmahtiz
cache-control: no-cache
cf-ray: 81f8ef9a1da4371c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FE9B 0
49 B 211ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1oVRboJNtGiaW1dN7Y0j0sS6Hj2u8OLyLPBifNiCHX3z-tDoN_6JD0F6u0AQrsPkWFcXQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5FB 0
20 B 64ms
64ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1831018653622&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5FB 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1831018653622&version=m202309260101&ct=77&x=1&cor=15137135732004948000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D5FB 19 KB
13 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGGsRbtWngKzPfZBupMHxMRkj2wmJ7ellQa5qK3KdQD0NR1WEvkd7NkZ_eITrzVuS96x3Ml-gKAFTI-pq1X3Ehn8JNLVdxtcSZy2Zxvwmd7KIQPiTD6poTOtRqN7E5f_g46j4NSzi3IkxD8EbcF4pVv3pmQ3D6KtVrG3ykIZOWpBVo8nY&cry=1&dbm_d=AKAmf-DLRmOYl2wLRn0e9aMQzuh__4Z8uTNIV_5cSnnFTdos-PjTZZc5IWFQ9XYSCh0FLBrCMWAvR-cxo2uWySVeqk7VzPwbEs60wj1U9jw6wWfS6pLkhaJpq01fd_uZQLgoJ9_84zCxbbOtU6uuGuNcSfUn0Y-Qza7Hzwla2mvcibBZVPekwm_aNqhW2tOVVny1izkTNy9o_riGNL-tTJHvG997dYfksdFaMArY157kqTm6N7Yf41P3YO8oisOLDkTNcHu3itrxuo_sDTRICKHs3ekxj32EKiP4_uz7Ngp2t4bLkQqnUEJKyehr4629QOrmZWyqhNxYmZTvPZZ3xoG-2P6uaH7IumjYmh75JyE5ASl-HTmr2v-683ubZ-A9u1iuq3xcD-0RtoELuWIPjAfnT9DnvEWkzpX7HnwOZI4wIdUaxV4UKoaal94yTDCbiGJ6_skVtWKWSxoxm67m0dje-Y_3g54GXSo59E8mncOzan1HEpplTLU9PfFPrYYLOkV0zHLfR2MxC_q1O1oiSqYLCthRz0t8b7yqp4qoU8Ua4bHaVTl_eeTyJZu18iSU_AUKdScffGV_sw84zozDr8ZXzDbvbc8kUMqHDSGJff7FRFLyYakfmJGcnSOGkxNzcRnf-K6Y8cAGU2_i_UEc54gsJEjA8wxzS82VuCc7E3_r7MCDcEdsbjoXGbxOzYy623BGutWpNWl5yNHobYhO1WDjAWEyiZKD3F3i_FF0E1jdyCZFeNlfzEErMsosQT3s3xOvMisjgMLvvlWsi1x3Tzvv8zamLgSxv0zNVPsONP6KzCCCCoMhjZLevH15jGR_NCVEqMR8F_ZWitWprBvoM3kaKNnrz73m9rdh1_1Es7DbjxA5dvQmRyBgVxrv713kag-aB2Zt4nXzrLyEGH2Vq1plx0YFXMquk2m0MQPr4QYS-S3FtRt-SdH2DLH0KQ7x0IFEFmdkr5D7Gwo6dzIWm3MPvcUYoLaetH1Dq_v9HkSQVJKVbBj_G3Kvf9cvwfjqTsAyJhljoQiotop6CaC6kOOk-2zq8aQcFq2Th3RA5R57dcGA2eRE6OJ7v6sJ9P_WY9-o5H-TF_Vez9q-adrPTT8CpQ_0vBAHmmQ8rFv5E9g84NFne1s05Z6SrEzkzMU-aYeDEj7mQfqOvoAWTvIl1OBoqiIknsfZgSjNSCW7b3BpxQ54J9C0DfOsFd9NksNLZ96oSpYlOhF3mU7q5qn_jfcCYPh6mRWC-4O7YjmqgT2JpqOG57lTK2W9Nh4c2pLoSt7wUa0lkV2xW1CUpjTW0zTrz0LQFuWUxb8cAJEIBfmasKDNL7PDZYi6XhW5OW4fHBHexSPcd7UuVTbUTQIE2XxakFSjFlILzBdIn9sZEKUPO3gWTjT9GshvmkqPWwGWTmWEgBOYyYGihljvQMT_8h1dYInUsr0AMPWYpz2QKk99h_vEf2G4_5g14jlYOLhDoqCrugOmoaP3zvWX99kLTWxe_yBYyguInWQ0yW5hxnAAqgAxow50k_6ZcijDxUcCpSn_xPsyNssSPpCzK3Ei-T0kjm4VloU7PVIfye7HxUoy6Yfj1VWuZA2_Ihd1H8DsBw8gFeXeyiLsuEbhDkJ5AnnMvjNPzX5An7y8WgCHEp7B6XLBRqnCNeDNbF0YrTQMaD8HwLf3tM21C6IoTrdKlvJ1cB1pycF3KkYFsE86VTiSD2t7P4EClufa93wGlWGYbEOdMqOyix_YjPqthn0nxwpZT_bA4mfYRg7WeuWmsgaWwysv2CgqoOlhJjSkVblopHnx9lATtgPw2HmnTGris-uFuVE3GnETdVmdVOpphjjC9NDIK9ISMyJy5rZumFXUYVpZeibdqQsI-qnNEFjxN6GYC0XL_VkZvZt0u53_uBVfrQF9WwxmiBhSlSZi7URZSJbheoFutpW6gqpZCB2aAy6wS68Cs5bdA1zLeLoinQqvET67fKDFzXEHdHJDRAHucEzkAvXQxpEQmskYHjsif7YtoMaFX7-S-ZRc1wQtvHT41hGRrGq8w2A_bJREeaWTZbmtgkBeH4G4Zcl_9viLxzk5TRWOgYukko2aIhAStFO94meJmadUIs-h6w1T0-gwXf-YfeM12a73QLYIvAqaNiKOkrJ1s278RjK6qvXVAWG3AcbyJKXE0ZSl6UzlHTW8qvGS3uXbbf2N51jk3J2F5lV9HCJ1kigVdJaCO6a96IthnB0yEwps0Ti9Ksg7MFwVqILkE4MhSTSfhOIVjeCIZVaKJzLpXCKX9B807PCIKPFuAlsH1dOL60ucUIp-H8PO4-mmtaqIwx0HosxynCldRdrcL6Bpx38ea_5Z_DJd_YWn_z4ZyC2zNxFhKcMKJLLy2Ma1ohn3mUAISa_fRyhEzo5oVC2SPzZst6V19hOk-GNHXuRC7emt-soylFsmjRhSZLi8jt3vG9tbUgOsILDwqzSnXSUr5mvdBIM9JG9XRcciJdpR4NpTzoUG4ciXgxb5zQ0IZeuOT5z-En6Uh3j8engl8fU-5V_qWP1pOkSRZzJjnJMnprFJq0MWUyNnlmDjWcpo9rZBcI09W6JN8Q-0FvBluP5iDcx_w3XJ3MNu2oOWT5mLkWSsiiq3Hi4FepH7yJ0Y4Wa9A2b8BvgAgNSamOtQoF3eQMf7LdEnPA9DlYK0qtIRn__7-TTz1GGmDDhJvMgTak-5ZwdO5OywB_tjwQZtpFcEbU8P-FR_JLowAGglpEqYCRk3IHpBcNWVm5F9HdAmnCqb-g-qTPhx-8unLS2xQpnZ4F4fk8P-LoKArLf08oco2QNXZopO8zLRUKbdBMCYP-iG5BeGhxwk_g6H8Nv33vTEPHinoB99MYa4wdlEw2hmj2f53jcovt3cklKtAmOiIfibjuET9AsQMS0FmWhSQ3tKpKNf-7z9oUWBbu2UYTx4mZfDLCt-M8INkRmfezeHIlZW1ZZdOHZYxDuDVhRctxMUMR7FkgUUCjT8crEXmoIgJO0LDOiryw7QgDls-7nIL4y46Ga1tmRYt7uyGS967LZqDpY5yrCFavFfkZm6cL3YRGxvJlcHHR7GtfFS5hzt9F8SG3maDCj5K1vwoujtr2S72gD_yHyxKBAE46Qv2VjaX5BKcEum4CZmh3rAasr44Nx8Wx4qRWm-xUpvHwseGbfRXatYa6rdUfwr6pWFaoc7m9BNjLQ4CewzN0ExUt4yvgiFGtrzFO-9XvABWEIkj79k94sitPJqJG1A0V6xTcX0K3CNlSkTEGyxTkN5Ndo9FIKEkbASWj5kqwD1m-9DZsbwDbBe-3gyOC-ExOSNIkI5q0a_5RFTYAxqTrvNKmx0zXThsqrWn9TT5PffvbwJGw3fODqesxpTqaw3mmhjDfD5VgepvFlsHVXnkWUCCZH-nGIcKRKcEWC8RiAfCX-ZsAdjhnwOYNvW3vZJ4rRokYpMC5m3MXefhJgdaUcHOi8lnbtSCTvlolB-zHn_mr8SyfW5zv0aiODC5H7T8grGQdquynBeaQS09BGYIdyuFZJxHdvKpGldO16bjRwv1H5R0Vgi1SxJF76yNTpu0dvyAxcihmBioavvl9vt-3TGtnOmWVIQs68ErohGUMwxSz3fmLIi81lHp-JSHlabIY2lkYgW_oeexKcD5c8cWIYifpixSu0GMsQ7uGqF1YEIYHqsNsyt6GBJPLXLlKAAuqBcxrNgfMrIQRgKvJidH_mM5jvjt6ASKpcorbf2xDP61lIfOPhZHRQqyz4mR20EeLXISsTb17R2rL-bl_1fZ97W4xlPOc0_gjNf5EWOhXmzEdaDf6cS3_FsX5oZombpYU2WLVgxXfTUw2E8UiRwCcQ6fLOhXq1RYwaWOwkKuZ00a3BlT54YAOBBGoCHhh6h028fZ-eT70S19Cc9MMU0rDn8Pi3ZHOl_Klk4-D72wwIP0VqnWoCRt_uUxUC9uRyUj8mBRHFXpEjXoCI09o_psqcZqWPKfBu2E_M8g6CgQjd7WC6-K4pwPRj7mIqvMcD1OOHQYAHGm2J_oIKK6iqv35tfjbBdWFUdOrCY34RsKNlMLXy4z_2A9QFZYAty39aG8_NJw0yZuD4UWhNc_jz_dkEFM8KIR8NpQhdL0orukvY-xb4fXb8o7jtefQ&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=15137135732004948000&adk=3661671305&idt=98&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2721a291a3e64e47686d408aee3db7fe7a4e473d26f1b545adc0b08fdc61fcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13732
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/17952959967271059456/ Frame C2AA 47 KB
12 KB 128ms
75ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:44:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5410 0
0 214ms
65ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso1NKU6ju_JUpG0OX4Z2OGE2EHNwrflEzGy0dYP6iGKwk1IhxlN5WcC_mF8lOp8u9FQS9F5OtpFeI0clrEsiHrkuUhSIS_DK78qg1HL7AdwYA25yYwKbICvPp53f2GY_MHQD-Ogo3Z2paMQehy8wbZqhbkVjrlxmZqW_YdPwJrhmyGX9a9prhd0nAZ4e-xjPZwAe29sKimyO0VjfrRUAKF0VSriAmIuCD8PLFHOr0vtb0kxa1xN_uLxglkL-GCV6QI3igmjVfWUvNgfYd7YsNhUnFtq7X9h5fJwCc3_5w3Q2HtIbJ882B7uvTNl7WGcbOts6uyePJ4CnWmgA_0toyhtnJRvQo8PPk9V4BsZUFO2IvL_xQD_ZyRtMzbU9R1Xwsu7CNCnJogG2Qn-Tb83bPU3Pt8Vlm4TfSd_Xv4d3F_S6DuwelLeOiBC-R_gj1pDnMHuDHL8FcSsjFkkJTo6-TZBYJ4ffN2dcZvJMY5LACBBdSkRMgi9v4Uj7_rEwlo2WoMC1OIXSV1c2TPBxdH-tt9eDFbRcaS97L9b9AXp7CEgy8u5ARukFdvAoVtoAOvk22p0WbVPPrjQeu_IeA8eM2fP0oy5txCkfk1GTUBcTzbWeykUEwh0IvkojqJQGCJHarPF0QIAL4y55Ij3Rmuz9LGhT-yuq7IHVG85c_sOD5ONlekr3ed4U2JSfM__OUzWRpl4gliSHfKgOvbWXM4RY9ncbh_NIFRbNUmF99kMVSNn-hnUMok6TN3dFX5jzk6la2i_5fm8DyK7ZxxgJ_Kk9nLWPNy8UGedOJUCf5UTFoLmm3SCv_vd0BQy-obqzhyj1cvkdafC-QVwAkGBY_U4vrvCYQOucRTImMRDy9VxXdiWeVk6-FlNuZXMzW8KS3fz_w0SLbZ-ZJoWyaIWzns0Sfwq1nVEpN34SjwzwAVrcDWW5PXV76OVZFZyMcxdTFSp0sqHirW3KTvKXBIWnkM7ygi9FRYaRiVSFeC_7EbBzOC6wWmrsnwJuIS3OFi9Tn8LQkX3lCfYPZn5RhknGvG7sqikM2JdFCjegRrk4kOMmrBNhjCPADnLep6Ry8d8OcBqU7TCjUralcFVqZ83wICOnoQqhrxn8rfIviLEAM6zw1qLtVEhABTaGgnbL4q6pWonbEaqIoa73IH_-LhWCdvhfxhtQFLnZxOI6C0uBz5wuoICb8EqmWFZBR7jvlggoYrsiS1Wcs0LMMRZVrvPIGbxT7gE9Bs6-pAImnLyudQMDdhyiuNrKa1hYIeFrzZowY7RjBpx9IulcboO00UO9bPUFfxs6wajQ-JVNE8HP8RQkENzI-UtUS5VSjQOsNM1p45XvDcomQQssNP4kGPBJuaUn4N8Ve6An0jbhbD_p61nmmOAa_zM1FjKB9dcBuXk2-ldqCwuqnn4YDBNASF_smxRSCedwLMvRPEgAl1hSbI3y7DxZxoALidHNl5E31CuU8Rt3N5LHwEOzAWXPbUMp9llndy6j5qeQRVzNYSr8LEhYVJFnIb7IhwkqzKoUeB&sai=AMfl-YQhXp9ZXywLTd-bQCRX0rBE5biUEZULE72uz-qMxnt6zRDk8pXidCzrrlkUj0rFVabEIDCo_SpMDqO66d553IJpjGPSMPV38h8Q27Hd1j-Esy1bZhv7SBvhzWlIroFC09iDeWGRTDJCNa-igzBwNs-WqhQsCw7TRLcfPl-o_PWq7o33JsnBtMBhrcjfemKhTfMSBVr7RxfA1Kef3VgiRemlOZGsqWnkCDVfUE34FFShitMkmqqPaui5dBJW9N5juS87iUHwt5kfwRYX1JPpsL_qXg-xLMRerLrLMfDidq_8RkRWBgtKzy5ziv5-7F-SM0awrQGFQNm-qCPK-EMygCemMaf8NFEa9-tE3XkIMmMPGAtpBgdSumrw6WDUaBbpV5TvZaQjTa_YWML03xn9OIt8D9ehB6M8f44rg3ifGDQQO6gXeA&sig=Cg0ArKJSzPAkcYKcOK5PEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=467&cbvp=1&cstd=458&cisv=r20231031.62662&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/11698040626992906240/ Frame FEFC 47 KB
12 KB 119ms
67ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:30:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B91B 0
0 211ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRSbdSUiwMi_7VA4gbTg2QYv3tE4_SwdRexjScu4fpCMf9ZuqhYjtLmfWjeNa2uHlFPEet-pscgp6ERp4x3EUo0cqiUcHWvKmC9IlOrY-gqzsNU1W-Q3J-DykpP85P1hxCxvYzqp4Te_h1QSmPu7n0EI5tdGfq99fyhN8Kkzm17_vXbX4UCXZG1pFN-5MW0pZl0qoecGdx8ecR96bjYSUOohqP5JaaKefkBs1xQyJl_FUj5ziIofZZbOQtmZp-an1bP2ksnBAHCdMO3PVxqBpF_EApqDN5IV9CAmHjXitZrA4Rp-9zxWVrEewiiF6-yB-YILbsQr7oZaQdw6sip0bHRTOfB8cbplwKsPtdHmoZAZvDhlFSQTOtdNvYtNFUhK1vsAtQLJws0kKedB7wUm2CA53q8OH88glBj5bxuvGgOOxy2Kju9iPT06Fo6eUZ31uYE9qPWnjXDxNqfiiUJPdmy6PSQ36Yb5XseG8OGzPXcfc13q_WBUZr1Vd6VJBc5rKU3larMxZzPpr0bAbtPVbUTAs-mnMHvB6A9ABf3jquDS6YhSR99dOXF7DDsxmQ7sXPbVAvPYAAxeqA4Ms2cAZyHA0JMYePeI0NsGewxVE10U-Q0ekeZw1qLFeUQPq2QTE_-vpjjy22jVAnBb21phPV1hvXAcMChiFY3h8p3sBq0_6ebBEah4jnsZiAOKWl3puB_mQSeipt6CTu6tEqwHTS0a_I2rvFdhNfR4iWSuZ-CHXGp4NGpKc7Xqgsoei-S1_p0D_PlaEXrbRznZdadJ7fjZK9BePAqEoQQ59xtD8wgU0bCbu_JFXWI2JCPRmMY1jeYQvs4oFpxtsyjoiygO9PuLwgPsCcb6LKIhKJu-wiM8DjByg2POI4DC2N4crPQZps7iiyIAvdQzOI1vpIjqd6m8s7endp1KGWe0GrRBUciEwOcFqNgdThXjNr4D3alcxW2y0L2b6STdiPvMDs0crBkNQlUAVkreRo2jwmaCQvU4AvrK3i9VPqReV6Ts7ypnPY_HXCAExeWlti3L59XzyGPrtWOx147goXvP84F21GxOeal5NoglhUSt3R-ie6hZEMtoILOXCfCN_QZTSUHwf1xpaeShh-h4afkngsq8wVWJgveH2MR6f6VL3jPizxSGd0tgW_ttN2vun9zVmfELxuSu5G0zDYYH41VRrduM_-cX5jyleF3iDpJ1rzr8zLbQRZKeKKHawr4xxVorcj-FAE2rxtrA_leGe90t-QiP7vGDUYSMTxeZfNqc27T32p3wP41cBN7fNY_xLNn0H5Or7OUuDTDNAz63ccyvIiZZ3_Dz1vVjCLlM8GSAvOTF0Z0ESmLnveKnW9xSS47F0vgaPAmlLn_jm7ZJQ_LOKiTMrDBN_R-OymUNtqJN4Hbfw3ydVR9Kgbna4VWPFgoWGcFxASsaYLuKaNwbeAfzmco0tzGcbFhCIcTYh5G-NFjjje8-W7hRzXSPlNjSGEQI-kRBRT2YW5dIiET5GA19SvixtTMcEufbX66ndDCQ&sai=AMfl-YQlTUoJ3G15yuxDEB1kcdDhgoSo0D-VXZo1gIw7oth6YSnoRQkLph6GWUJpwSktSBlpA-eOjHB74kg15BqE147sYULwdOsNvQTaD9ZtGWjmGqwMAj6XSfxDRPPERkNhLjtSeCVYHR5jAQvxwNpC3wpbBOw2WJhTVhNwM6sTRxant49UWGGMVORVDpKVV6p1Y81BHSgvKXIPRYDTAK3jTbZbU3cQ2Ec0XxCNS7qNJSrnS81zGHxlIoMjhTKQnSx3tCMNkKhvjgY3p6GB91Ipzh7yJgQPrUvaEWjmWPvCnO5cKmIXL6f60Sh-b8fqY-a6xRriH1LDb1GWz4YXgCLDag-7Ofntjuk18udZG0UZ50bRGKxRLpGlel4N33To2R-o84qUkbYv0qrBlsQ0EMDWRUto5NSrCFSHDVR-XMcUjJadr4hZ4w&sig=Cg0ArKJSzHWPUVB0OlzNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=497&cbvp=1&cstd=488&cisv=r20231031.01544&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/11698040626992906240/ Frame E6EF 47 KB
12 KB 74ms
23ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:30:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A407 0
0 200ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6zGaDQhR3pq72H5WCSngKmuFQm-_LClkv4annNuonNiq6uTB57iVzs_6YoaIL40zQ1M1NxUXgw8QyNz56AGof-RYJ7SH_iuwzdXqf30EuSeiwzHZcGRDj7_oNM7yQ9PXKz_wHyGzX_BLbvNvWcDLhfoArwBIqWJiOOk0_GuVinnvN7pjrvmI5bQEgUm2EtWh70wa8EKYSO0y9RhdLSrAABPYwVlPRjoGGumGS14s5ORdlHI1Gro3EUwhDOp6PAgmFuz_tMKUgz6g3PSc-BQutARMLFAsQLVOIxoS2Sfb2JfpCf7mxzfNKHqGi21sF9CzO3X31dVeNqdjw8X_hnwrqEZWVlhSdThSFJIaU5INF0_ytjnZU46HXa0RN52bj70N_3ZDVv2ZywcbL1nxc56M5Mdvp73ix96fkbx6sEIgieMZwPNFfsx_N9JUWU-11hYoWTfQ1O-6mZTKByrm1lAi2dkg9wGZm55ATGOPm1ddUSZDupt3tC4YlfVrn_s7qPRudPUA0fVT77KqElot6jFYqbVA8aTgAo9DAOVwL9hF0pZ2M535buThWqjJrKnlTeNt6LSkAZ9F1-vxHb2jfp28k8Ys7k0-p31BiVTqNHQrcS-yG5Ir_VtkLkaKJBi48q9Ng58EMtuew7l9wWMKpuIy-VHodQcJl29uFPrDpb3PLLXwPPkrOqia7EKAEVtHGgQb7sW7BKTqYtjnOBvCvXHhzWZcUra5tMyhH98HUBQjz0Q-ajGXVw51oPg2OS2BMNCIglZwc5IPnz9X1XhzrlQ2uliBWf5C5K_-kky3_Os3p4jnFQZULqFH4-fX5O8pzsxIOuk1zOGGxFxPcOXydHvWVc9G_7Ar4GAUDvwcX-iuZkKX5c5dnaApa9mUskaZf_2monMvYHwn09Zc4MBcV1Cn6qVT9ZcoTEUYNXySa82C1NOtn9graNAFY6QvOpeOvyXq1Y8VTsR_zT2YoLRg0iPVnYNdoncrXtlx5lWVl-ws6ajaW086pHpBtztMlVpDxN57wgadrlmhCIhkkNgioXziKWNrmAEuXZP_1OGi0y6gumvGfHCe46bm0Hh_SAl7VOr6pnUHvJKsaE41oVkhZZDrN3sAxwtHm31QXMOW0eB6FCJF5ONhqsMtoO8iDmut6vOjObUsnmzqFH1DwY6BvguTN1qiRy0jeMWBlaKYXVRFggv_AEYQRl3BjC6T09GIP4emaVxAp8-Ki9GJbi0ZF72UpZYd2yy4UDqXzdy3YaTgVVng-JVmmMEZDBHQ0g5gGXAm0J0deklwsj0qwcSXVJ17otGsfRpTcRwkqwKRMeBIgQTUP6y6w9R8C52sJTRdS-6k17_qHdTpviH24ZOhZHyZYifZ6HeRImHyMpcKnhoQQJQ3ui9ATmbTwcJ39GrFk2IHHrKU1ilKdp9O0vTX5nNTLOCK7IqrNK50oovd5pVXgxnPAIXd8pfHagR3qmmJPWcimgzhDfL6QAPyojlSZ7dDO5jfKbMiTLVVKlz14WnP2BnLAHLG3Z0J4WA&sai=AMfl-YQOryAWrxWblL2rdkudJSySF4EUR7PuiugUtFUQ0v_VAyb6PlGAXr6BBF5y_SYDXJFWBKQD4QQZ_VBTzAig2r6_54H61doNTMeGJY0xBLHF2A5VDVbj5GflWFrUsfKgfY_SRfgv1VjsQIddsulnSEoOAP0XFhcIjP1SxbrNRu98ZjvGZ_rgGuzqLimsQuHuvzX3fw0v-0HuQRyi_F5xzMSZ5hil-xvn-T7a4gewHBUWjYgvjEZ1uZeNGJ066dyxJ8TSQ036PU_APPBwpG_lwqkmGCw3DS0lomOCliYNQJDaeiL5gF_bzinTuj2gcIGE-l8fgW8z-mxjFy_2WGYVhZ6J6eID1jvPkJ6OWsIVm2xEcjXcAExHoqvkCtGKFc72zphNW6sP6uN9giwibYwrcMRjm1e7u4FC43PVHODynldX2IHeXA&sig=Cg0ArKJSzNeRAKn2OHhHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=533&cbvp=1&cstd=527&cisv=r20231031.99593&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5D64
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1&google_push=AXcoOmSgZHTde1j8eUAwG-eizin7EPXH7dX_a8U7k4DE4n5lb98D6lzXnj9oebPlfZGwBdKVS1up4yPBVRqGQ-DDuha-NPPu3RO1
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTEyNzk1ODg1OTUzMzk5Mjg2OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1

43 B
398 B

45ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELnNdoMXpCzYOv-_RH2S6xM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5D64
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qicch...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qic...

170 B
188 B

34ms
28ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qicchGIc-40vR9XJswt-O3K4N

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQqWEopzHmb8Rc2xkHnRKbhOQ0_al2hnEbFSl137jPWJNLaoOSVbPUSjajgJwVnixbhql4qicchGIc-40vR9XJswt-O3K4N
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5D64 43 B
94 B 133ms
24ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmTq74RY1vjbIsdRbFk8t2ia4Jcdzwg5wAHr_cePLjOdqhWD0ssL2avEkyvQWYfmrwGBbCBlj1rp7m_21lC34KYbwMByTVwW
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 5D64 0
236 B 143ms
33ms Image
text/plain 2600:9000:211e:8200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHXe7iVJ5tWDbwEWzPQQABo&google_cver=1&google_push=AXcoOmSKzEqtb1JkRTvU_miUEmNniuJUOp4ICLmtdrEWDgPC2LUIk2pfohsdgQkSdLLQMTZ0dngo94v3xVLU_fNjb8wW_U_5Unw
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: no-cache, must-revalidate
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fI1teQi3JhHpevIzf_loUZr43ea1v-FRiKJq1tQQJg9sSJKkkKA0QQ==
x-cache: Miss from cloudfront

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D64
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO-78qtRFlWxhy9vZvibna4&google_cver=1&google_push=AXcoOmSNLcbWBn9WUd1HjB1_WMvJktYyKwIK6Vg5baUZLkTzBbsj5GZ51b3sgTDcZBt_Y6WGW94yfJ_MWWXk...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLcbWBn9WUd1HjB1_WMvJktYyKwIK6Vg5baUZLkTzBbsj5GZ51b3sgTDcZBt_Y6WGW94yfJ_MWWXkcOCraZjccY3mcGkM

170 B
232 B

50ms
28ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLcbWBn9WUd1HjB1_WMvJktYyKwIK6Vg5baUZLkTzBbsj5GZ51b3sgTDcZBt_Y6WGW94yfJ_MWWXkcOCraZjccY3mcGkM

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSNLcbWBn9WUd1HjB1_WMvJktYyKwIK6Vg5baUZLkTzBbsj5GZ51b3sgTDcZBt_Y6WGW94yfJ_MWWXkcOCraZjccY3mcGkM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ebda
match.360yield.com/match/ Frame 5D64 43 B
198 B 139ms
34ms Image
image/gif 52.51.19.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEEmxzZ3ZiQtPa3zRSYINoWU&google_cver=1&google_push=AXcoOmRu8AnrEV-y8U_uL9UUUNZisKdy2rlqEI8r_eEw02uO2uvSb7gly0pqtNxUPHvULQWKEfWgkZRen-B3C_hH3AqL8D69X9YH
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.19.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-19-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Nov 2023 02:27:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 5D64
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDVViVSMVxb-...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQzC6kNFbwp3BTAHkEypNdwBDWEJEHrKDo0vRhvopIeWtS-F0WlnA3OjIv0GnCYwMFyNJnJ2ia-bgISIz1fQFoCK3muP7f4Jg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

33ms
32ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Thu, 02 Nov 2023 02:27:00 GMT
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5D64 0
40 B 142ms
37ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9Vu5BsRoEdDms9gutih25RQ7ARPsHBrTGOkjAhERidOYIDxZAzIc1dggSGRSespkKJiAv_g

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 24B0 35 B
463 B 115ms
11ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENTf6AMyQV9p6ltXMvUUAJE&google_cver=1&google_push=AXcoOmQUI3eklWNr95sYpLfA5Y2e02PUB0InJ7RDCXsA2NMnFmVWqtjWOhyxsiFumj8GRX-d2m96dKjdgJsOsWRCOh-l_JSM4Gt5

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 24B0 70 B
149 B 229ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENmsdv_VFLHf3Qt7lNbH3TI&google_cver=1&google_push=AXcoOmTHHn4Z5M043m8BjTQ1U94NOKBGR1AMSX-0y7Imumv52Z-xwwuT1vT0B2D6Vj5a8Zk6tB7swL-NFX0lphZ0w1sralbNb8K7Hg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24B0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmTThiRCgQEJguNDUVg9uM0Tl7FnxOnj0KvYtqX6-Mjz-cII5RF4TCnMWZriAgif8R3r0jz153hKdAK...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTThiRCgQEJguNDUVg9uM0Tl7FnxOnj0KvYtqX6-Mjz-cII5RF4TCnMWZriAgif8R3r0jz153hKdAKMLVLdgB0VwQBlwrdeBw&google_hm=EKPEb76ZSamkxDtyjW...

170 B
232 B

47ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTThiRCgQEJguNDUVg9uM0Tl7FnxOnj0KvYtqX6-Mjz-cII5RF4TCnMWZriAgif8R3r0jz153hKdAKMLVLdgB0VwQBlwrdeBw&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTThiRCgQEJguNDUVg9uM0Tl7FnxOnj0KvYtqX6-Mjz-cII5RF4TCnMWZriAgif8R3r0jz153hKdAKMLVLdgB0VwQBlwrdeBw&google_hm=EKPEb76ZSamkxDtyjWzSQ4s
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24B0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQZoM4NMwNph9KE_PJS1mH3TrC3WbVk80GNRfUUiyr4ci6pd1elLo0Uw1l_TeH-EzQlWFogiEhPd35Z_wgW...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=i7h7dULYTsM72PRTLYNPjQ&google_push=AXcoOmQZoM4NMwNph9KE_PJS1mH3TrC3WbVk80GNRfUUiyr4ci6pd1elLo0Uw1l_TeH-EzQlWFogiEhPd35Z_wgW2gGp1i3yqz1e

170 B
232 B

53ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=i7h7dULYTsM72PRTLYNPjQ&google_push=AXcoOmQZoM4NMwNph9KE_PJS1mH3TrC3WbVk80GNRfUUiyr4ci6pd1elLo0Uw1l_TeH-EzQlWFogiEhPd35Z_wgW2gGp1i3yqz1e

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=i7h7dULYTsM72PRTLYNPjQ&google_push=AXcoOmQZoM4NMwNph9KE_PJS1mH3TrC3WbVk80GNRfUUiyr4ci6pd1elLo0Uw1l_TeH-EzQlWFogiEhPd35Z_wgW2gGp1i3yqz1e
x-host: tde-deliveryengine-production-5597b7478c-xf86k
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24B0
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-fx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU4NTExMjgyMjY2NDE1MDg2OA&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-...

170 B
188 B

33ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU4NTExMjgyMjY2NDE1MDg2OA&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-fxG1Kmp861_G1vzrGDyZdmYg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU4NTExMjgyMjY2NDE1MDg2OA&google_push=AXcoOmTv6j2Z1a2DZDizzxfffBEhwSwX5eSXBE5Gb1wsERZYakc4Ij69jIqopIIMdWWUhoc5tGHfU-fxG1Kmp861_G1vzrGDyZdmYg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 24B0 43 B
362 B 113ms
10ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRGlmPT5RuoavJ7Dhwfnj8kmo8_j6x6xS23fP-H8ecF9BsM1eIS1ongk1N9FgRyzstRqe2slKH_G0OxN22LtGi0DHorYs1c&google_gid=CAESEI_sbMpnusdusKYAjobV8Qw&google_cver=1

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:26:59 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 240370
expires: Thu, 02 Nov 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24B0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMRXeB0BRC-pK0s5RTM20Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

31ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMRXeB0BRC-pK0s5RTM20Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT2CK1NYLwH6BeiA8ELtEw3EooI7sD7Cou2A96eyasQnAXM7-_y4YD9a6tvKyNtVPQgtuqNGoWdAoNDM4MhZ1w2GwGJW4_6Mw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RMRXeB0BRC-pK0s5RTM20Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT2CK1NYLwH6BeiA8ELtEw3EooI7sD7Cou2A96eyasQnAXM7-_y4YD9a6tvKyNtVPQgtuqNGoWdAoNDM4MhZ1w2GwGJW4_6Mw
date: Thu, 02 Nov 2023 02:26:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 24B0 0
50 B 140ms
37ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6-qcxbFGOqknbHvJsK11koKR7GaRazdYCE-5T4NQOIgvcVB5j4yYoEsvIRxzHp4gase_8

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/17952959967271059456/ Frame A947 47 KB
12 KB 113ms
73ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:00 GMT
expires: Fri, 01 Nov 2024 02:27:00 GMT
last-modified: Wed, 15 Feb 2023 15:44:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8621 0
0 159ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssk3LHgJJyD2ynA3MnhnmSGD2lYP5lMzllQ2Nj9G93idVvkOT6YCA8WBWxIHEgaOFIeU3qW9tuElbgqSOOpvWB9ElKI59ceyEl--LrnkvG_WpxznhPRYaJrz_U2c4Nh7UxvT4UhfQqXx-P63YufGMEnQA-Myos1TjwQqu5UmV2d0_o6B0ApuzeKchxYjPqDi5gR60UB7OIY259jmVsvfnBan8lK30rht51q4CLmB_IEgwmmQF4kX8NP1S_na-DT1VVVdFB_l8pGZ06-eiZVcPNw4R6ecRjvEB1gEwumyhawZwX8qMYKsIWjJjOQC0smQOqbLr4IJ8Ofl5PAXAFx89iCu3hFQlLSk33HQZbcBr0YGTg-l_uYpF5uoMRIooVnnEOLPbQac6hQw569XGRQyF94svzhAYUBlOVsUUkDi_NO-jIRHWAnvTJj6DUumUHV9g-3NjDpTCUI388fz2ju7ELRtu0qdluOP-kquygq5MEojP4pR-tEXIfmI2MixyhCrgzIJRJfFpE47lFymW-6cMBJbiRL-CDVCWDbUmwZOccjDiDAPxNfDg9sjRU7QDkjYQ_2UYCkh44cxOfZpiM_krU3Er0X-pIeA_RF24rmJMJjGLDQIQfRZkFQjHUr-a2NTJfby9ZjCfBL5BixZWNwasTyzygp1Xlnqnx9an4m3Jco1wdX46INSfzNWD_phMHeWxJ9enNPlSiVNc54kv6OzISL0WodknzxWzd841IjYdR2mYU9OuEF7Jb--vYMpBJxA2lJon2WHBaBxUoPXHQNuCJcycR4ZqT_IylaPeWBFunqOxCzu7pc4djTmyaep7yN61uh_XiGMCUUD-0nIciwjzDMXwfBu57VPqCTnj7LTRJBZU5IdeGgjQ912ZD_ylstSK37i1QFmMRw1QNhH3sY0UMd9XSYRnSaRotl0mPuE0g0f_Hj4J_44AjdnUPDDXWd_BRz8qnPAy2FPCp61lcxH0RpA2qne1CMqezrdDJFXOPuzqxQ_xxvR7VosuXyL4gbYRKknNCbN2BcE24S0nwdzpSHd-4Y6iP7XYZFjXH9_dAaf3yeiE-pV9R14eAivQ8M1KVgHFWc1dOvbsf9DG419G26BTSzRswwnKhRi9Uq59023TMiVravOnXLs5ejYjk6EdKfLoWVVon43Hzh0NBZyjaupOuOcUQ_cZq7LCQ61hUJVnZVpOOB2Hug3gTWwVDjRlxaiMypGnTkZN-dgIx9DU1K6tKxK3CURIPhh9e6lVWOS6hozs8HtPR91lRc9kGlyF4agEnv753623SlzhHOo6q_NpXa0Of3PKPA7oj-ezUZfYaPpXFAIkmzV_3ngzfJh2Jty9n8d3FQ-AzGrmtLttgtIrkEU9xbDXsO_uf-IS-sO8JfAwBblqThIUF-f5BZmirKcHGZOSagltlTdxFaXLtIKC6T4EJpIJ4gpJnfznKYeJ2lNoeVx-MsSSTyqw0vYB9o0yP2XXZUYLGpGuZpIGPEA5GjDusqzGBVUC7Vh-KUhMEmbRcX8fxHrTlv&sai=AMfl-YSKftcqtM7JgCJM07GA5XldCvswW9HxvbCPUGW2KxwjpokLeHwMtbj3OCEOAckE2yWrh_kJ7twVbp0sEiCJnTm6_XZJrpdoFYfOX171i5xtbFfaPfz_L8Z8rzrTvRXAv_OFF1t-R6ZpYiT2HdMsUwDJqu5DqHWt1G4AGfUoBH60vs8LqB3BMQkbkU6XG8Q_mdlWmsKS7W77VBCM2ND2nnAlbs4IKUCCrUUcjUB3-IHnIJWE9Vas3GiCP-RS2v85dkorsiushqCDpPCelPqqPtDbwqgCXoxLkcM0mn1U9M422QDiLEvT4fj2KG6b8AOQ3uG63Pmslu9z7PCu65i7JKnv4ov5Ol27bxNkk3NTCFhXqemCaeNL8LUeol_GgY4iLonhWzUSD7BGoQWR-D3Lu-xsydWZX103XKk99evvo2EQZm7MJQ&sig=Cg0ArKJSzLo3FYXQpVmeEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=509&cbvp=1&cstd=498&cisv=r20231031.21826&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F3C8 38 KB
13 KB 36ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2451 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a21999c5642d2e15a6c8278fd60e87969561e3c2ac29254e637063a125d973e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1F16 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68f6ea0b93ca49336682ce3e591d8cdb1d10dc976e99ec48d3910c041431321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 788F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4b31cf1e21d4d78d5c4b7063c5494ee08e1bbd0ec793d9e3ed9bc46c3721bf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7D7D 38 KB
13 KB 30ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 58E9 38 KB
13 KB 35ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2EC6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa963b84220fc65410069eeb6923c5bff90f10f9ddcd2995f3cc49b07e1b6714

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5875 38 KB
13 KB 22ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8FE5 38 KB
13 KB 21ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A407 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 043de35f6e87c2e4cb2397d5f4b2b20090bdfafc8926388bcb979d755b390e20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5BA3 38 KB
13 KB 28ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B91B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 947b4ad8716b529783dd96fd10fc10ffba2179c7e6bad1fdada4dd67ed396d21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5410 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 151fd429a1dc2cb40ef9f5503d862bc022af3bb4583e705f91edbac953a2f569

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B46E 38 KB
13 KB 27ms
17ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8621 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0243ee50ea8323befce817680447c3895ce4b340b5c3b146aabd1c87c88433d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B55E 38 KB
13 KB 28ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E6EF 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E6EF 63 KB
25 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1948 118 KB
40 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1948 63 KB
25 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2510 118 KB
40 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2510 63 KB
25 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FEFC 118 KB
40 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FEFC 63 KB
25 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FDB4 118 KB
40 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FDB4 63 KB
25 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A947 118 KB
40 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A947 63 KB
25 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3952 118 KB
40 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3952 63 KB
25 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C2AA 118 KB
40 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C2AA 63 KB
25 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A20 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3774558260243&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A20 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3774558260243&version=m202309260101&ct=77&x=1&cor=3902820229449592000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3A20 16 KB
12 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7oB2I3RHjsnxNowaz7QS_eN9vKqazmZfV38T1hXEtqZ6zoQYlNp9bULORB85lCWofp5HeaLlVi_WdNYuilZ-Hsz9WcKZiGm3g0AZPHZQVYeFJUl2FcmN7GgxnY4g_P5v_ihi5_WBb7UYE5ogbg1-PV_8WdQf78lgEzWZHAchVL81g4bc&cry=1&dbm_d=AKAmf-BRDE7PKAmgLDI2k3Trj6PwMZ2A13zoyIgVbhtdv8buuUvQP56Aus7y1mwAx9UTMKkZKUm1LGU3i20-e4WfxN9hBHEOfDjQbU1LAkzqYAoJTCQsToSE2EA3ydbL8-ey4bvJ6WpEA9T9RIxAVAWM0nJ21b91JiUgAreMCVTEdLqWqjmQQpunCcGHnIYgPwz0zFHFEtDWKyLbUZo7r-ERkTyBG-nO0hxJRI9driKFBf0_Ev8ivlRKrTQmWAurJsYrDX_hjc0msxaX1saJYxnxk5Quo3CsVqd1SabuIadcCvqE5WYLM6q4l4nFnnlgtJFOEfBuN6s5ZcqurL8AHUujzgonX4EylZP-Ea3MARXKoE6_ObIPwo7H7D6a_y7zuXn1dLDsKduk0MkvDiNiIwBFCTNdmfkjVkLwfNptmT8mq6EFEwEZLzBZokWS2bEPIgTS_1pI_htKgLmvoOs3rs-lL6Q7KXdlvZr2FoQkqPmEkBvIbOhoQSYz0ImZv0pb-IzV-SiM9H5xhtVIqDmC_Iu4j3QG6ocYIOIOt76TOjlwStdSfvNrDxp70M1i76ipy_q3Czc3sRlutzYM_UU3R7g_WugnktewB81K7wd_KBYXB2xP4cft90nMq1ElEN9iwjCwb54UJCbRVkUngB_WPcJu-IfFPKvPhcc49wNZAaOil_BZus_4vQdW1CgZyVpN3Ccq_zdRp4R6LA1ABXgBD5D1BjbzeYojtjmGJA491oAPvTEX0mqEB0SCArOmwI2hpE5fr3oiVRTG5QBIgNqC55XXMlMBWJ8wT4TLnLx4P3MpuvSxZDRj0hUcTFMOJhEfSQO33BbH4soRuAmNRz_KOswrE2nzHMBLWdB2WEI_XitjZA0cvvyFTYD4R8xPkkUglhtUgRrVFbPMtcIS0sMwjwuJ64SoqFpcEw1GWzUh4-fTJCMlwx4ZBJ83I4W98cdNmDQ7U5Yizr5580gImy2fsaqlkjbp2_8P6Bie8FmrHDnqRupVWz1KZxK5y34cRuxhBwYt1VoPop9B96bU3V5Tw1Q6EentfO6tCa76UF3ZRB_qhPLffVB1vpda8Lz71lV1ApS7P4M0O-ripoQKk7D3uROjdk87Ke1Lu_JEeaTjo2j17twgXShPAhwI3KJDLozv1huQKRp54tDuLqLN8ZIcLIn0y_EFy3f2WWZWGU2Q4hmnxsqRI8AP7IehzvF5jFbQLN9vk70a6Wt3oeqo8TLdL7tYCeHpOk3t-X8wrSJcZMVUCHI46Qp-fUU1DxluzPguwWt-aqOX_2w4NVvTF8gars-bSfLTbNR3LxdAlmzVmwIlEKShWTZPxVxj3OUA-0jX1it36qNgjke-a6FuZlqdKlaYN3B_1JMYlCwzNtQjvBtpuSA_i2RAc1lcYlUiaUYY0ra-hz9Ndav202N8EVnXKcYuNzwZw0o-5nbXldDuyulDBgeMME7QejMrbrvjaL8kdodjPKYR0D5LRe-oU_wUb2NBK7R5javSFDwjrYwD-5aRI_vbxQGuO2gfzxY5kcH34VCWmpMombH0x5C2RESF13CSglklJBoY8Uvvh1G0W9Jiw_xQEHGR83SOW93eBddXPOBKLx8hZ0nluK4atCl6GlQDHTnJgg1Bw1NIw6lO7A0A14YIQKKCTr_1sGr99GJ2KLc2HWASs80MldChl_nQe6nOtLCWNVy-n63nsdy7AKyLZ1_O3xwGRPekE88X-2y0qmcZko5IgHyMNFrmLpAau62p1pOYPNYXRLHrrC6rh7ib9nnoE2GDQ8S9KhwuENXWITDnWcNehTOQnyfeIfw72rNYhoiQqK8zUXLRWvQbJPTrGISW67jNVpJToq4BbYuaYCKT-Gmk-BtQ4j4JOnfHYfkjBwYzh-QTkgIj9vl82Xjljm6zJIz81kHUTZ1lpmYCYyS_qguyyLJnv8itiwsb-Sj8rj4rqLZy_rSWfln0chkGvArT3tOKkHPESziVjrRUjGU6BxnDIUBQ3Pzac7_BtiheE2bX_1ydXiELju47pRYG4IK3UNabSB6BnUoQt8NMe9l4lCqdce3aQx91l5AGjOhku8AbmRDW3eWYLIFI17afX3-x4a48MZ2Pm5AyluMd5GQRHGWLP0bXuuiIgFcIeobjJAocrrhVvpVJFb6z7wHKSe9LpY8y8PrjzXrm2Jme3BxEiwfMuLeJZ0IDkFyEsTyIV5dwZF5_13-Y_xL7SA359u9fZ2JZEIhp9MI6QdoaG7NEc_sXiRKVdbF4GDvAd4F9RhQJ2WvqKwVT3346mviaGH6U0dYDkHvJccm4GgM43VQ4xuCpq_K6thhv1-kKqajIiXPVmTK40JAt4PYDCH44ebIUMvHCrQtEtaFBGo6acOlcTEIswCdLBEEqAbNF--MXjd9zc8xCJQH_xWALamvgkKJA45K_V07oTUdxYSSKFhNws9Ve06UiWnLM7kQ0-ELmoWj5AfO7nX4G55k7AVruX4gL97L8bqFZHIV9XnPr5w6XJ-qeOzrcH-e0v2VJmnbOKAG-Mq6GEfl-_HCQVR8abYhA86K1paYvZozOPMy8vsMsoZ356wHLa8ysvaTmHOopFfrdXpqbSNsAsTzT0IW7DN7xmcTNWEPzCmYGk3SzjaGH0FyZiyeqmJgwUcJPQb_LAJtnYaVL4W2Cfn34d-68_I9ldpeHzpIpWbmVtglTJ-CM8M638eJBtt9kZKA9z00C-TkeyG8YT8_yoQLK2nzhx8sTsGW-Q8wzLzYBPS0DEegWiewaq1FiB5MZAmfSXyzrI3-hIXgcdNi7_cq7DZC_0yva6t38DJbwuYdKMNeTNpdqxaT4AJxPRc4UBEWaqkXgoWNZtl-CWTUf918FNBqfaufjDT2UpY_FGPpXggq8blTthFDEW3JsMt1iJAZcdYO1KOxjSLevmv0Sw582yN3l54WFe60BKsLRAqC0GoNub8-dl_qRa-o8YiIMoMpDfw_yw-PvbPbNDooebMHDYfh7IPacYJoZwGGesL6KhcoBXb0j1KGHa7RuIfHJpZ0MS3nPkvTQgtwlfIY9tOiQwK5UZxoGOcacbZ7wMpr6Ga7_suCe8DgVSqcyuOp9ZZu3myfDa4ZJGvluTIeRl0jeaFb2JREtEjNGT_PPZqyDS-9CHpnkzC9OPHDMlXys5NrkRhtSVomCcQioACWDu4ola7kna2jphKwu0EsPYo92Zi-Y6hoYjs7z3-pgFWzaU3jsdGzPbnQ4JBGdYDVI3TDRjwIGNQ6yv3_xzLSCPdrmsdFEQHK_iV44coO0I0_MZMU0Q8K5XVpKRZi0M4dR7UXYen3aZskD4bUmllW7AloHLPktMYoyUTsaT0ZZP-Y08BtXQ57S6QA814lJKb_pD2VX-B_7xuxxdHgyMkq3jB__lwryssm8DrHV-_s-ATogxxWdDepYVpmrrjn9SVJp8FnjXVTsoUwRf5Ti1lUFbWcRfHKwOWhZS0ADLx6OSIPxZ5eGrkmM6dd0Mg2QdtctC5rKfXqiPOudexUHbK-1l3LdzVF9zdH-98nDHIB4VprqOVNrLL6uXq6DGcVRD2PkvpZIOl2fvgG1PYEU_gFLMB_2-Wd-Yk9Py5XATY5rqnVHsdZd4cLRCDVPoTBC0H5TQhSuHm1Xltt4UPc6kY0BtmBezi84YdIhL6JXuGcz06d1Vp-4RGnk4AA9CddGOYpn4vas7Z0hBHgZ7W87cAtn0gXtsZ9-RE92I7I9FV8nQQVCrf84A_6c4JGBhA-tnk_wiPJkrtbszPcHGLIx0l9ePVkxujhKuPjzB3TZGU4I9fEFL6vHHWnxC2MYH453DIM4L6qq1uwsGqlc0mAUTC9-HGz2S2rwyhqb1OXbaIDTrVOHZoYtiTPgafNAWW1d_ZE6FwMfyYbzmPQeQbn3eFobRdL66meOWbOPMkR7_TbGx49Zy7vLnDyLL5NVyzFqzLjzT0BkU1tQRuvygx8bvOwDcPa8MnmaBcq8Kro7lXwGWcOquhhiX13Jcb_Zv3r7wLMjIJkXGxmiQSkz5_FhxZAmogX4MHDpGB7Eb7nIDet2k34-0HTsf9Qz6zjQ37zlIgToTCSHhNVKisbr5Bh8HrzdQBYaRD-J61QWtCgcBW7nf6M2E3xmZQa9d-3pJpv9bQ&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=3902820229449592000&adk=496764934&idt=75&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c58e911e46bc403c7681e8830215c4d06f8a1c4e1e49559a3e2490885f040e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12428
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DB6A 41 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJG5w_EQSbhrNc_Wi_xZVPQXvhbMoXxs6J1UOQmq4Yi1NsU0U63hUlkOHc_9iCRaFVIBcDWU7gYfMd7aPWYnFVoQzDePJUkPPylYeVSHNmnzxVAxr1MHO3vopoDRLKaSjVHZ3BUfgrzoPyr3ti0zaDhe0kvPn92qYvYmD_OqMxkuDH-TQ&cry=1&dbm_d=AKAmf-BCDCJ1l_OvdGr669G7Fm8mXy1CWrdV0z3ReeiaiAGz1r9jz1IKgaoY0OlPe27kCDWhxvfj4K9E2DDN32jorU-IXdE2vrB_ODzuVqsqWgF-PTah_d4phTZ85P1JaqNF_S5Xxoa2p-vbc8d5s4R_QdG7Zx0kmplhwktb3g7d0NUzag_ZGCUCzQ9W8tVub9SpMxtS3yXHog5wOXLWh01xwTvDUL3QIGVTEmuR_u32lVY9cevC4Cmx_bTtGfH1lWFc-fsa02BEbo6tChNSBAUnZDUymwF7NQki8aLhYhyNeYklEqGh_lkhrhAL66lyPNk2fA-GBOLY7WUL0-p7gvS_3rV_ZUHfbMHu9s9BFOICeIAZbrQLCIp0p3DVaos7CQkftYiv00tTf8gSWfBrcl-BET09v_S4VSTb-S-RQWBv9VQ2mDV5FdgzEn4vac11su4QZuq25jupxLQ999mQ29E6RArPYg7unFkuHNr545dpgRMy7aYBrcuIDQoU2lP19_B5KUC3s03NmzwD8Y22DfwvMm8C_ByEg_B1oD5_52iFikWfZvG8KQMtGpEUxbKWyP9A0Ys9lDBGx8artvE-M97kWlq4bITRJa9-a_thLhbGnsxt024s5sLJxZ9j3s9B5OehzvRyPuVf_IRWyN9fAzfvxtlxsSnK2cwKbA4w66_1BMAmOiKOTl-hzykcn8q3YK_lpneP-xK6xcwEmDMH3HSkEuuWAP8l2seIzbsD6-j3_p7VvOnAPT9xQL9wBjP9dBHK-PoQJmK5FUlP7x9we73cDvscW_Tqk1JLuzAmfiVRBdkoCxfE7Xqycpn0TSlRrbsl_S2HwBkyeitMmyx9rEQEOjFigW88vOZVPmitqxRTS595mi1yrru4K4-dNO88gnPyA3gayiNd_Cv4GJF_P8LOZpCK6q3ol0VVNh3Hre-pNDHpT5PZ0W04q7qXeUWmqLQ25yEWqEdkcbTguXs_5pMik987ZlqD5CudLmJuE66pWJ77Ij1j2YoIqpcDAqiCKABA8XBC-KVlm6rLSOnbvXp_1zdK7I3SVHPPNlp_k-aJ-aXfvKZK2unwc6jtwDuznaPNen9MF2Bj_Iwl79Hs20eoCcG4BAIP2jtQ7NsvU1py7Cl25lFzZEvUh7Lbv_NJvWijcxEjYz0TdrOMDJEz0yZaAkv5F1Z2DfQE_2H7nR5T61-48oNwBnkze9BD8VCsmv2cxN06ozUjBVjiisFP6q8Ty67x6gRHV8yiC_AI0ciRKRPJ6eg2wdMIfHV8XBuwWVNcz4OioGbOtvNnnVwUonHU5JJ5kxxBcQ-QxRYwp9a85527Tf9w4nWEwibMxsCV3_oWbt5LCINfRxVraHwp0vhPDYy_xDBHjivASp-t1MAU1-4AstgNsws30KzI8PFOODPraFNZ1OD2fFd5IC9wLyQsNsWq-IxdUh4vcXojBUrwbBFJfbmnniKgpHQmWQ7apoLIHrLQQOzD8xE5pwRqmIgDAD37KBoJ6LRDruiDYb4UpKLI9ciNHwRUeRcqEdFStunjVgnyaORW5yM8gQfQ5mI5FjnPL4Omk3vHrroADWfjPiLqVIQy0W_i_aoa-Y89a6Lnhkd0xhOf2A2WFnuW7lWcldkzIBA2lg46L7sN4L6KIcXhKgBgbnD4pjhN7q6n4dNh0M9hdIAvd4hMo7m8pgFWfnev_ebJPI9tQwqjaekelM5iiTmSY8KWmS0kFy4HQkmdTBG8Tbes58orl4QHuM7DNhbOlmEfyts5WlBdVp6ylNwPYC8y9uPVf2ih8c1sPZJJzWD4RxPWxE2sdxJ_0w_7mhQ4m_fbVerOsc5F0NrILikAuAhL94FYce9X4S2yE-udygRpVFuu-toXhTFfN7oCrATWsae_RlRkrrvg8qLtyyVOqzzvvxqwfQKCiEhF3x2AZMIuPZo4EXgNvXPn6VlDCJyaImiQJYjJCcib6MBG32ymf1Y-74Pm_ADFiS53npZpAPWYr8P4605mRTP3L3FfnfwHzPDVYVblEVzNt7_du61RMNpUSNYJa9mkotVtwLnd9jTNbzMQ6r6RJO1iGRHoj04kwVkBtk9JR8dUdhFZrFTwfeI-o3lh-vUqE58GkMk8Y3nbw0pBFYFqCKpCC_mNBYXkP5akAekNjDB0tMJUtPJy4umVCiaMKIz0NwB4otGl08rRKSqc9jOjx3QiWcXqnXFVNQEzHAOUQWIp2R9JhHN_4YYzCfa_r867Qw4x4xoEM1rd7nMI0m4tGAKXTHCLcBBgQZ4sJ4iFp2_JQD6cecmr81jBJVUsnrqGQprRQQI4zivGRRGY96Xuh8aTuRUcIWMHZ8Pj8qdvInqvfdzeMK1bQcXUyl-tg2IGJj2jhV2Lc4MlTsoagr4ohItXmdqkbAKqobuBv0f_htVsP1P4kyc1CHrA6gQzmS9oa4WNPbscvKgM_H3LrqWgTgFI7spzdOByQ3nmaEg6B2FGWhvqEj_HHsyZUYhhmblSQoeNnkg4XEMUYYgHVmrk3hwoLplF7jAqAZUqTCWCL2xT48DbdcfgDEOtFbtZd5nc2QBG7PVG9kWZ_2E-cQ91o0_TMyxlAAhZI3C__aNDAczR5F-OEAdv7YEpmySPIdayFeHjAP-H56dqwE5_PDCuBxsJ3TIgkG-zU5IsSGz2rUyBl6Rm2bGaSEoAB3WGlJhFoTqn_SXamK_kbpNYHcUl72UeOReVV6kJnJMsWnoPIXgJSfI8j2DaG6uPQXFsDoNd5ursHdVbWX5iJLGrIsMAmvBXTUvdo4-ZYcxunE7ALubxRGNIorrap83WlOdS4vaF51PPcVwTJIx8ND9FvwmMyMlJIj83E8o4p07opLLRBvjL4aFDg9VAGWMgf0H5198S_sOUQZxq4mdudtXmj_U60C0z6CP9ALUiFREzQpksQ4Mlpkk-Kroa_XczGIn7fmFy-rZk1avXXQcD4HGLYIK-7-XwJLWP74fpmjkcoR-DRKyzufvq1KsmR_KF0uORPcLqNc1HpfFTv5EOlS3Q9eVDsEqzjXAb0zuI6AUVxmhr2UYfNm8izX-ehi1ad73_2uEW1DpkleGczwjTPGl5CtOxFMIe6Qjj9BwIssD8y6dOxMko_SvyN4TwkzbU5jprXlTjqGOF3IO3n43bO8unr2RhkOVmus7BWfLIHUakZ8xALwGKR6CJYAX8hd_1MPKgVfCN05ZVAVVv_zplGMDSxI5BrSg3_cmBWKkoNK7NiGN_VFa7p4K2IEzf9vLzLjFi35w_7VD0ufR_4ul_57ZTIXapXuRL6BihR0pzsTlE5Nt-9au-TOK647tVLG8NyijYxurk72k1d-N1ZKfdJxkHvvIu20kM5XQC8T-9T1fimqjoHekjcUBlXST8ninUD5agtJd6IQt8uRcEo3_uDriwONRcN8acEjOuGiaUWVsH6sp-Ga0VACH7YHtYIO6fpZS2KATjteKeZAfcNpYtDDQHXuSwIZlerVK2GZVcsKsc1TvefIEuWUKQMpBJHk2eT7iMNZX0si7ewGZwaK3RfOjTKYwN1iXuvrqCuF1g9vlncdqvF2DdsMgZJXrhPDzi3RjuTtRVzGaLWWGpqq7lWFtwgnNiLZEeilDekDzEjSN8GoMq9SCNpS-mN28RNZR8Fc2f_q2RegLNXVuSlZahzdPHda03VMs_JzNiqQiLqMameRolj2uHi7NH1LRmEqXSFaETGJApKLK9hoWLLJrlUo-k577xxAYOXbxp63tzT2OuofFOSZjBVQvuDAltyUv4kJsoxK72fMREKHHGzyVrTARwykKbHpb5edmuO55Q_9DQebSBpa1BayBvyzADLYRtXId3uNPGGYvz1sgdXxKsPjvpI7ePLOZgqyNfYaDzq_MSpypipSGw3tJmH7Pf_XOh6sKlvjPGTelV-nfbG7mbLGAJr9s7Jg1SvkV07ijlXcAhgWrO30ZE0MaE5m0ufOwWV4vsp0HmEJSOTGqDbC1rhjLxuGPgmntaCSwk_hv9NKBRvGGdFgUZAQiwPFgGV_dG2WBo-dJci_HTOyegF2M0ShGg5iJd40jU30oWwaWqQgEozsjD1As22f8xIc8CjM2x8ZkBZE116HcB_DCnfZwtqJYLy8cl85w7jEq2RCrZnlcK2A&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=15404768939696644000&adk=3037181500&idt=88&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 397E 41 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKIOMqVtaPNRkp3uvvYAGRVLb3nlyGVQDh1-mEJ4FjfHhcJoUv4zlbQcuI5y8jl91hs5FB3Yjcx1rxxAaufAyK-wszG6wJUlaOdfdAqLeCR7b2x6qf4Hxiduz3yCsvY0bc0d_APf9Jh6vHhdCv8epWzrsWnr9X9lUtMqPA-Wkh20T4wVk&cry=1&dbm_d=AKAmf-D80i_X6tKPqB6Pw3yMGrH7lecDmLOh7KMPf7DgHU4x5O2comHwvM3V-qtGjErqIRg0fwV0lB5P2srEVHcpNRkXzT5H9lpT5Hhl_Hxf_2-bI-oCWp2NMrHvTRt4Nm8lIQPg4sfO4BhZ32rRXokxZsDDjKFL7e7R4NwpePIBeKA6j9Gkf7JjmVKnARy1aZ-h4QKBcT2opRUuUCdYBH9ugW4Gqo9oUW1yt99aBVT27AwtVd1jt-JX84Awl7gjNxxvwv9Ee9lDi7EauB5ysBGiJek2cJf7tlgtHHZ9qoBuhLjMsSAyOlD7t2SHFMI-wiS9sIGEA7hhr1sDjns0VHOBlnbyuTeMup_1OOFH1Z01sCE0H6vSpZEUg2meLLEXknA-48QM7CoYqlgr5BkTRXVgh0n5LbK9ayD8aEX_RJ7jzSq_fTSi2kaB6B2ANH9Zk6mykuRjEL9qjEyrEhDleMyZuUrltwhL3n2XxBST1nI4_if8-92mpkgeAa2-4f2AAjkB9KM0sx3Yal20k9CFFIqxip6ahaWpLA-Kfn2TmfntYjrsEh_13HfmG4kKaF0HcgLvKzsk7FjevcdmLp42KlMc5Cw0aFHbQ6EhuTIZjVofM_68h6xz4d4nDN9J87qQHM89JglxHlBycch8QRUhanaApxGPILBdRLJlnGVnfOen8jjIfxv9-9LDotQJ9JfEmgaqyBkVDc9B-7poRgUHtn6Gl6udctpPyJU1OlPBQNKWI48dQQaW6RsUJuVzCd2knWoe4ErXXEZrc93Py8ghAL8IHRTUXTBAC5pmJ8BPwQnvcSgxzXkYEGE8_9HCpEFXUmKf8qtvOAXsx8GEQ71V95p7Q154Z_aedJ8fbK9vducsaBgkHJJXKc64dVa3ZyfjeN7-3556RgZdH6TRolQL51gJzgeTTOxDSEOqta2TnYezhWSpfDB1DnfRdJmanpMA61HRuBcIrR9VRkDnZolPJZnmvFsG3iHRi_dRKnCLVTzvvcq2u11_WEiEJKgciIARMlkEZX8z6_Uk3Rs3yXcPWDUV07wRTZKZ0_iJvgVVvQfux003FYLt6Cyvbsyi-uMpy5QRfqImHr1_r5EJgToGSiQEBNGq6V7UdAzpKuIDomSJBc2bZLuDTcCAkL4PGA1KM3tWnQDq8hHXeBvPj6zwqKmqaFsZ7bogrbwVbFjrJgGTA5bbuVRYWqAgbRZUHn3Fk9dw_pHRsvk0r-oSw_oz1ZlQw-tEoJFFB_W30VisB4_cpT4lTTVPBnkqVGz_hIWZoPZkvT8rRhFNV-0fjRiHVnXQY_DuR_cPECmsXB7r9TciwVi5ycTnn-R4YWhHPh9PahUpp8XipsA57igmjpzN5C1jjufLXOAj2z2EKv1Cuc8FlV89UOzBsfoxBPOZ3hWEywg4hMhFXTBVaLZ-SIYqly58OlrvpUvR2OvWnZXgfmcnNx0mWrq6tMtktibVhbVmGUDwczHat9km1RJyJ6A72LeUfeQ5QzHeqaTgXlG4_K9SgWG9mdtS6-JPNUDElsl3kxp15jBdI0MS7wtPFwdEf8oXZhOHPo6c1qiWMq5mW99Kuz2wirCq_ZIUQOFBpggzQoOeGOOCbzeDVtlXRmBpw0WwgZPh4MBht_fIju9hfiMFfADlqy5cnl4-mNeCqD5CaGYmClcli79O5bMxS5z5u4FXUW1vIL6SaV_PiDkvJK9b0Q3WakY7FEyRDnP7xXzm-qy97ZeZOkispgVXuTI69oQq0AK7wNwSE883c7pae0nYIf9RN9c-b2_aAZ65DrTZ2cjrApvehwEqg42_lsq6ZVFjVrB_0Uoo08CPu6SSoYB9Lf1QZfv0fVe_avNwTYe7L--qzgekPrPrgaQyT3dU8Wqopx5tkk7CNh7w-R28PJ-J9xF2KNbUaIKIoYVXO6FrCLe0BAyrTFrl97qWFL6RcUyO0zJ60ENW1sgb6syAZcGPm2tMUGPbtdMxDRwm9UQp_z5hu7sRxRiIGzyODzJHNgdXxdrW8TqCmnVSWoHiH_dqRiYf1veqFUNTv3Nnx0LYyi0bDu_jWHL7kwKSsFGxlsRHC43b9EVXx6JG77l4s8-kw88a706wVjx2a5dmuLKBJSIxRGAj-ZihwbX37OqeFOLSaP0yGuhDNPX27JM-1vHvHAn9sE_e2ETsuIRXfkd9v3W7cRqKWdCwgUFXfwDzjmM5u7eFKdSHLP6K-x1EXH68aLyWeNTMViWn5QhBvWL3m0o_2WuNHVRJNSiOh75dfaO1Dpt1k3VYaDGtbZOnadsKCz5DwCboVFCgBEGl_CRtP82et9zCjJtIMlkezEKyTsHwHUEKgHJPcMqJ6X7-33Vc7JWTQVCDxWJoFhhgvYk8dLQsQgDV06yGmK1EWgGGdsEm5r3Zbhg0i7G8FuVnDboXzqqDAjs7G38SVtfExVABMtsgI0u-LRKWNMEhiMlYYN8CScW_9HCXxPqfQqoTQ4LILrygDOLuzBI9PuPYATpMMgh_tXxvxuD2BPuSaw5SI62KJq8Sdkbrxqkcz4YlF5MPoQZYZExcWrl7mX23m58U_hztHK9OkU7E4Ur9YMpq5zOQFfPntQii7mJLv-9FQudVsSzzmpJJB75AwgoMZsAoyDaur4tsx021Wzl5oBg_AW-QgzZ9jaIuaL3EgGvBAA24Tom_b7pt7U8dcuWiBiiz6ZHRahINs6440SfsqTUy_ZpDBQzvNtETrWuZYJdGdPZEypeu4o9U5sBz-iWJQMywiHrAnTr0JLFsaPxUMpi6nh9w07edTpuX7_fuhMEWMH8HIkKnuGMx-PiX64Dz2FKn_mWKh72flSVGW5xhGoRtBUZdKnJb6g1ZA0KDYMv-JL3HyDupelZFq6bOapIjM0CyS_VMfAw--ddRzPQOwSjvrqnsWkxhjimNebg63hVgXLfLczTfGkukIF72mz8VORhYWYd4Z_Z2G5h8FTMTzymNss4mHaHS4w0t3W3pZPvwMhJ_2-6JjivYYHkV5j3NmBcStcJeF7WNhte4e9xUj1ALwcV1leejxmcLY5vfubpTOXqgMmBcHiVvWJd42Z1vRvx3Ok1a8lfMhWF37xWJcRCFs87YlLLvbsHEYqc-Jegv5hL_-i-Il1EmyTuIz4K-m7NTce6ZWQgkBQoQkWhPJ80Gmp5_t903wo3XIXLWX7r2pJ4Aka1VKHPB01GdtLjOg6U3WdcTyVmh50YRIp1cVSj1QhZBpe1TSC_IZlluZOH4nVKaBq8KWhLvTQn4oT6-EXZ3-0PlDZwiuRY6slzb9k03_i-DQZ-rEQGNz2duTivMdjYTIMJrYkYXjdqgj5StFeAB_Xl9R1kPsRBbTtQjlib4IbSLaWiLH5RAPQk6N3f44gDeHwfc5h1e-5hZLv6fqY8JGRTin94opoB57Bzu_izbhQ7afEJ-ss-NrLSdelekFQOTWjONep5AXj_aKnwfPp5uqlZnmPE79p-PUZKRw94ogiKGZBvljeae5cLlCd7jqA0WsDOiPys5GFGI8n_GMk6T38cTkqYHmEMtN6pcfqUQjetX4X6YHKo4VUPvVWHEAB_wqK27fafm8rUjp9UM0iKHdcrzEXlVUb8vHrSVGR_cp0BZ5JTf5ldTuBVv4n_-kEKHLh4NYexTiUH25_2lNRp0yK7YGDnkj_Vph0Gtt0mgfseRhEtfcj-jq8HAIWcxuWgczCkI-YLU1t9WU_LdC3WHWmvBH4lus3PiNq1IQA9UiuWeYTUDaWZNWJkt30Jj35-AjmsJDpy_q6hdFXb6vx_NTjZEiu-pkZFK8sJCTHPxRWPZ4uzk0S-r5aPkDTGwQk1b_QUr_ss0bb1OmEzoeu4138wWO_L9e7gSJFbSA1IYTYDwkv4bKb16hFeLkozoPLNqOxL--YMX1Ra48rRifjbGq3W6L_Q761vofj7AU-3kKenAxHg-kG_eUQHr6vqL4myB3sapOfmDqkuEqnITXPe0jxjr4x7TrUCg3A6SZW0kmcXCgOgEKMmT8OFQruCR9dHVQiuDU25LSVy9Apy6M5pfDmyNWpbislNPMnTvgZO90ge4zGRxF6Ue6wQumr7xz_4gd12SgK7wqXpy5Hxr3VA45EDp8rmrgFmAT5ccHoUT634WPRenMsBvlA&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=2499934831662535000&adk=792902355&idt=96&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0A60 41 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AN6U_BXetvQf5cz15aXK9ZbS23wu4iDKACRbEsaIc08X-ylFnSj34LAyBWjA9ZIpEeDoQ3xV_1YO3pFqIXa4K-rWcu3J2PdEgEZSHqAzd7Lw5-sJfAU4pCp8h8gLgFFxjLxxrOq9oWInNz6hiqfVTZlozJkexdXAXmbveHejByge1i2VM&cry=1&dbm_d=AKAmf-CmD6TgPXsEgzxRz2ucSXz7Io3Gd55df82F4lqjf5YVQxHuPz_rwb41k5e-C6TSBpFdHejHYNZIj1cFgnybMPuIYhbP3dU8QZbSAeCfBmkXczNEwzKZnfUg7e3jhb9a2dSWQU1PMLoSf7nfGCw1cXNL3H6ll5ZP7rpIaI-bIrbx7NfOfAkfGKJGqcV8kkmoSU4BKUTELQLM6sLNhE9Bz7SnIlELAwDZHBCuDxSwK1jOX8dt0v5Z1bXu-6p2GwVKKLWRKssFn7_Oh6wmPJdsmuZtRGej9uPgNNQLZO7NemS2plSFRbLhPMX0QYvuRR13A7o1BVC9Zyl_JrxZNtzL8pXh7GKvHCvfZXwi_Jwk2COmCwQXqOHcG3qNbKMEmUqKpMkFlkOOU7XRdPFAY_xMRyaYmMvb1yqfzx99u7McppM070ikpR_ar81OBYYz4LfsfDXl3oLExXqiLCZO4b6DVBECKzYX5oVDURnbmav__qCi-Krh-D8kLdkS1cFg1a_phJUJZUWOGrlfd22I720m5KvHi025adBMZCoiF0lmQtFevkBG2OFPjL_bMZtADW9ON0-1o2NlaKHgj34lDvKRaheCaUTbDa7Clu6P8SiOMVSlicq5KL_yjIEdA_3U7Y5yuagBNQnSxiDJ1Lg-4frVEuEa8bRdZKpODgo-QtZtWFXt-L_g_Ljt0Qos857PTAmuEEKDUjWHqJwYw0Pk4DE15VxDjIQRHDMEP4SQl_j-lih5L_XmOF3j9V2ng2-lMtaarv9f1cnZdm-AYDkK41ipzJnnxKivVAkrhPoK2nfwRku4EG1I4pdmLDMHmPujUJL1Gsv4NyWbvC_7BvnKFBHeHFzbsqBrHs_srQ8DZIqVM-WlUhLTuNJCSLA29n_3uQqsXhKnaD9ifm7g7G7Be1MOCny41xTtHbw5ccItLEJHGOdhxL3a_5rPF838un4wdaIjbBK5iv1-O7G8rhO83ZxiYKVk3tvj2EJkXDnNetkFOl3itmhH8efwMJ11_eASg-cYFlZuOTXH4ECS1opMhyhbB8lLOt6JY4ELo_tW33-P9oHBYZ1Kmgl82KS_hAe1LBC_bf6Z37yHSyqAdnou-SKP4ZzPLNjxU5-7qZwLxeYwUB6V4TJJ-6Ppz9XIeCEcrxcLUikv2oWdiXJjUV7RiwPiLDuS6c7rnqHjSpykF6rfYUpd_IPxqw5_0G-sHoxWv-X05j77GZeYKNNCQUw-NXWN53hWApHN5Oz1jp8wSLcpZDVU1ijoPU98uafEhKCIRA31laqPKOoqXsk6tRjw83ZtEjYSSMoRkQ3w-TEaCrCXUyj2wneMjOmJDSY0OpPdkadw_IjTp_loVADgfr6ttHFL4ST0ldPnzqPAtbkK2ZX4SLK5ZckQ-4H8zVd7Qdzue5oePDepw0qnCWOBTt4-duTz60LvNSrjfHasLjg0RbgU1b07HwnExGr5ycJ6_DFywqjpZNzqj-RiVcAY33C2ITxWQvywdmUd7IGGvkdhw97jAV_30f15L3Oy6N-MgRA6G4LwrVT_Cj19_HQhUqDHk6bOvYdkljEt4XgbQFZnXrITQ797amz_VDz6bYgyovvREWC6bG601SSsgl9kBUJ0CO6OqxBc_iFb59nZVgP4HPYHAFU7s8e1KC9KTF7Bs2dic2vjo1Yz5SoIH2DSvzJ8Q2SFa06VCnd3rA2YCMRTQqRxuaT8mu51xRsGJrdPzT2XBPGwDwYbb4GFzoy247ueEISBzU_MpPq46A9u8CctGKHVKWdmYKxI6k3JA9LHoz5wzPh3IxLLGUI5b-bVgnR0VJc39xmCIhXh-vnYYcVefFSY92uMkFlR8W9O5W0cccZ782aat2s0gDe8A0pdAGxREN8plp73ZzjUlCm3oE1OXE_DY5c6QZFe3rnwxZOxVAn-m91uY2IqEOcbiU0EQfuhJcIMFzYd3LtnfroVufQTunWDd-VXCCHY42WS16ru077X7ZD5va6yr9NVnEnKzqR6QAkv6oyPQEX4cMcyPJ12fcqAo2MEpR3J3Q-FY5HCl4hx3SBzrzr2g5zKzZdet8OIazugrCoBZbMseH3uyLWNoh1ry_HmHKuwvqbi1wXGeaPJVi93U46niS-e2ZUCHIRNUkKNUHizUrouMmvuEH0y7RQKGNNsg02mn0HOdv6N937KIBu7P7uvf8tCzP0ZU2VypPkstBWfQnJfMcZ4kkSliWB6oWBZ0GJQ97nOLbicQjyfRvrfv_WynnhcstSq8apPZniqn8ytehcJijGqJTfolKwkOoyFmTe-FNAlTBOmf6N9xeqqMSJLmt3w9zUSi6duIfMOWnxCBMteesoAHCdTTtRlB15mVeOJRqOtVn7nAWBn_Ycp8mbtrMZkZcTU61gr53jGkdo00r5_3xI3O7rkvdKoqGqD1wK5zYzkbg--vJWMSBPsmaaHmnBJEGDAugOcTTauxZ6tmu_5MObkcvGeOIiy5mAXg9VM3RjFbV9Gz_I2lsYcy0f6li8cB0lT6IkrGBm497XBlS3jjC_s-pPoyH1Ge9S8KHl7YwvZ8GTPuOayoPCSdG4yIDK7cuWCBYK7_LfCYmYiZZ93PsYFBLmLDTozsCJQuqk1hfyCXsdcbvJLd2CIQQj4zM7oT8QpXbSEIRIKO1BvacNbbrm7DhRzUyBcQMwtlh-rOmk7OAjskk47B19d45G104Ps7jeaAuiU3NyW-OAqyo--unpUgMb-e8hSK8S9R6kmEzQYSS9cO0EhALInp_gGcm2gUL7aNTXTtfovWeDgYujTmjxbVDAzc0t7TUO5aCgjkkvOsFW5k159u1ugVtnCrmFSUYLAT8ElXaVkCeyDDkrW34ACObY76y9a5uEh0aMVifYyhhzyST_ISDfZlJcbTSMmnvwmN6LelPYE9VZgMHIaR2ra7JQsYJlQC_NWyJmhBf0NXMVYBVhTegLkrWLeAEJiTLryS8v0edYUjPh_HdidM2mlob8gdDVyES6I8MQmTQDJjmvvzHlw2dH1cazI8B4YEWa15ygX5RV0NnFy6xGZpXVgLnQ7rbA0ECUQWQRjr_XbTxqJVGUh6fAccx1YVFfv4L6pzrX5Pu-GdR4d6YbwaSiz2ZGLaA-GuhBxZ41LbYmMqASH6KZed89PtUgo9YaoshCjfWIyiF24wRNYXM-C6nvRhfvvjHu3HQNAH85hStNSTdYA_RNgxRwe3XudvCgqjNaWikQHe-u7U_zvACOzPT-Yc_HbYzMzOXJBO8uCR9KoV_QCEQprts-pNAJBUUXmAFtWzp0RIzkALEOcK-oEWfvKRVGkru8JFrC1gY9nGLZz9dyVPYChPD_sgwxD_dx-ByQXAfJ6qZlPvl45dNRzpQFFVR1JzylDE38T1MqPQ8U-Nie18ftrSMHYqk05A90vRJfq0RFgnNKB4dsZqbnqvdKt5-AEsX5y_qM8rfzsNXSnHkvEcw95SXE81ilfiVWJtmMDqoCJHaPXdNOZlo1JTASb5_SlxoW3U4eDFTaqvOgKYEvLCR4_u4oVbXpuT2kHcfprig_ieCHDwq_X3kzSP3wKzgVVj5vX06IsfH2SgV9At14-dCkprF_a2bhLjVFyTQiytNPsk_MZmP4rW8kI3R3fK-sJ5oNS22to3VE1BiMWozMxO1f1qsqaRZcrRJ_pRlrrUW0aOoYzHHPoUMh_P6WHtjWq2-pvB6pjQvcib7yrGMDhf55mbuIm0ucOt0TEKVNZMc2i2Lt9vlzbklYuhiKw0Z-srgxlEvReUaJczSuoyKqqEhtbLyIq-NflzD__JfVurP30z7UJMf5d3sIc-Y7UAPz2jhpmfUcgUdhxaZnjVzlJPzUEqblQvJfFumUYMXSZMFNZ4qTG1l0WStA4C8EwKCwQNLCGvSlSAlP6Arx74hUIiBPC364eMKUst4CiuXonwpZjQYA51huRu_vCg8PjHsO5nqiQPfq4knU2f_bp3XCD-nUG8_pT0HpVtzFJeJ2qjXIjFayf9IMJEInF7qx7vI2ghI_CxcSt-vSb4o352Fc1bu1fNqp5hTbltbnvulsJ8UHkTWHnoFGC08wOx3SXEukAKfrzlbUZ4OCzTckhgaZpsQBFThRtAMMIxCnninkrDgjYK9kmSMtApaBb5g&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=494908366874242800&adk=2004672170&idt=90&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODg5MjAyMDU4NDgzMwogIHNlcnZlcl9pcDogMTI2MDYwMTQ0CiAgcHJvY2Vzc19pZDogMTcxMTQyNTQ2NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 0A60 0
854 B 119ms
51ms Image
image/png 142.250.185.102

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODg5MjAyMDU4NDgzMwogIHNlcnZlcl9pcDogMTI2MDYwMTQ0CiAgcHJvY2Vzc19pZDogMTcxMTQyNTQ2NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDEwOTQ3MDcxMjczNjY1MzY3MjU3CmRlYnVnX2tleTogNjU5OTM0ODQxNTEwNjg4Njg2OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMDIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTg5OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA3MDY3CiAgfQp9CmFyY2hldHlwZV9pZDogMQphcmNoZXR5cGVfaWQ6IDMKYXJjaGV0eXBlX2lkOiA0CmFyY2hldHlwZV9pZDogNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd64b4ef17be79cf0000000000000000","3":"0x757a3587ca4a40080000000000000000","4":"0xa9037823bdb80d9f0000000000000000","5":"0x94962adbeddb15ad0000000000000000"},"debug_key":"6599348415106886869","debug_reporting":true,"destination":"https://soberberlin.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"10947071273665367257"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E02D 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbIr8mHdVmXiUAZtOXCCoeNRLofaf9iVbCDmkHYL_prnsauCu3vfiAK1qu37qaeJD6qHjxm635SSwlQ-HfvL0_L-71-VKehKK881_Ji097vyblkgVLFES7iSrY9jSEuP91qFNIkd2euA9mGh7Z6AUrpa0oWtIE32spfm_yOVXr5coeYlc&cry=1&dbm_d=AKAmf-Dmr3p6dmamJ6TI4X36n9GbNJ01hDinLA4GUt3VkZUPL1jaFvhlIyoI9847ItF9Vp7sAOlskkHliV8rCwJc8qZaBVZog_d_b0p8K5hmI0iwfRAop4X0bTRPi4FgJxL2-aE-4NeSGHyMjXte9OQlFZ1SjlitV_3Z7693FztjzOd3RQ0TMCPKIW032yBAlBonxogCDYY26XwPc950TozNYzJiDCfu5ffiGGXjyyh_PUj1VOr5HixOrCfMuRv4PQhSi0YfZn-J_fGAwA-Y52ouwtVj8-FRHS-ywhbfVH23Xvqw_-lh0xaR6GL565tlnHc3J74CtKTSXx2JGw9eQ1f9p4thzxj0C47TZF74AmbIlwxTL9NReRViK0855l7w1OSJxxe1Zj8XLAuurZ5Bw_GkFDdgUuB-G_PiBwMbi4pEIgvTQYKmz5zFmi8kGrw2BANUWAu79AdwDS7LfibLCWwEON6P1Yloyd9gktsqNdSQ717SxN-6m11iNs1PtUKSi7601BvtAsZ53SUgubtSZAc-6oCWWTr6XdzXWs3qb7M9ysoIVQVdm2SQvoN9bv_pg9DNVB9SX3m66JshgBY4qm45LyDGblHllm_z8eFIrYvIWygCLtzZ4VEHKSTd2k9x8SG4OsnEhTxG-bX0ZziC37bDpvT8h0FxiDfSlH1tK-uw-oMXo213etYJlqyRHybLF-lgEBs-aaS7mqrJ4GqrbqF5l1GBbT9CRyYOa5qpjKsnRQD8QtpK0evkvTSIMcfeZFbak1vVejOh7BqEFT832gkfLI_eNp1fV6HHqVLWzsEyCpTdH-hBEi-EE_LBte0GcunPK_Aubu6iIMseqPumSHcAI_Ru58L1tw56qFIPh3vxB5dKvaTjl2C-EnOPEl7gmYMHkFO-pVCxFgVXCwW8INtlIpiUzJU_XURL0ldBFjCUJe7BLddY3LsR7sm4tn8TWm3UCU0GtRH64Dqtu2b098uJkTw_o9pJjEwSAayelTq0USgULYwbLTkbVGonwRexjpKVOyNSn0QmZ6PIKhz5MzSymjshv6nbQZ88rGd5MnpVscI4tXJRoPRlH9irkqupXqSj1QI54qGj4Vx6Msb7kGDasX_QKIPnTTS46Kp7NAYYFIfFHSzz5yvEm5s_Ffx3v-HJLlyY1mcDglED2tPToA6y9Ev9KiFevzGTAyr79xymV46hLt7JMK6wNR-_QFrFHhJ6Ds1_p6kGGBRjE8LHXSW5h4N9mH2TGC2rqRlDz5R5KtJZ12s0WFSZLKtkwlNPUJGOjWfjNQvd4_wnTsQ5ayP6Qp8B9GFE8DThfvyyJa8n5_A8tWNiOu2WkG4k6kKVTgHnrijDsRlvdJ4vcDfyQo6QZXnFkmR2V9UW7BKJdQQKr6pN0bB0gc_G78dvX3hE-USDvMwU3kJp0vzG4oMf3gOyqeFYosXr5zDihH0rFy62xOD_qVNspPiJbJHqxFN8wh2azdvcgH6dBbeDbt3NQV9rcb7lD7bqJJx3BG_xeXAPDqc_QRUmnqzX0GmsWBMT8hx8D1O8LE03SWiZkk-u9pkhk_KaS_oDOiWXsA-rRlVf3QZc2RYGKmVrpkuNoJti5WmsBFjRl2pV3SgyOQYZ9BeLPu0YW3X7fes-kztmlG1pjrDaRt6g88PH2wIY3VyEn1zf8ueRbBbM8CcSOA7FVUhEh5Y4UGnEau8WfrCHEZOZme4vA7j9ALErd76yXnythnVghUyRDqz_cikt4QFCpL--FbGW-k5QZ-F83ekNFW1imh7Pr4pcDgyrW62Xc8S0nRbfk-DG5zBTht8hT_KWvwMQrASaLNjV1uSFSmge7t3Wo6-jPVZ5z3bkxGq8ADsaYF4Jla9mq-UILuj3iQIzkED97NXMD6zlHjuI3NraSYdCeyKIJrbHu7gPmLatREvck3iFeXmu2PCsbaEpnHIyQ2t9mCzq4UIWiRhhFo6pHszN4f0unG6Fy5eaIrUSKWTTZEpqIJWgMai2z2Wst_TaYE7gNDRYmF6hdwMofRIiMr6ZCJycftJOatIMrcYhugQ3jKiPCM_Zb2X655ZTH6sAglk2HPa1vkEd4AJN7KGUiGkHv4_XyvgRAebC1MG2su6qJtQiE2yl-hKt203B9zaPcqI5FZpbiHIZekBz5laHWhkQb-jKU5C8NERj4y_wgnJZDdHZq54V5knSE1ZQ1HNJyy792ho2l0IoZYXaHrz1Pq3B7wxxZQXkvhpA20Gdp9tvXAYqh05BOXbb040S6HcO2Xjp4vsEGpYjdHfyhL6oCCbogMKOqcegsNAiaRR3rqjjCqHIOn1Z4mfOsUGWVBnfgUmczM6W85vUOr0czrDjdNTeRU7NkG7BTkOn9uX76jx_MhHWaekABjvZjPeepzd68WzJ2ftB20hxykMy_L25nQD7Gt75WHFUBkMxkqpVO3aomS4WBHXTOBK49CQJ6MS-aEVrAT4nE92xk3qpe1YBjcR3PnIgNIzglhLVK-V_0Mb-70oehBtIs6Lwj5GH46sIIDn460acZaA9AQ5weI5E9BsdDxbvsi3wtjFRPTrKo4j_5hpa6zfc1bjHi9jQwjoeugkUHdcPDnH_bM1XUDoZKj4aCm6uMYueWDItZJgZcIdwK8B-6iOTKH49PwEkzoZGTL9L2D_sct89P0sjm5uyhhRwP-HZuRMTQ8tKpqAxeqx7nKCDeLy_6pCvSCdFVTuxEjOm8H3GnHrs0l5ElBu2c48m2VqbsQgE-oxOakrzHtgYOnRPm55l5z-6HNfs25L8meYg9Tmlx3r-2FI7XJO5aJeM98MecGiu4RWOfhAv7GHf3PNOkKCjbcRPnUMqHhhymKCUWCQ8hiJselOGsY_vTEwNc1szzcDTscOIxhDC65XksrEHpKGinEefCBOz0X1J4WcQ9tP0JeKHhdxKPVmlCAchVOe111EF89JwofnHE9QueLRgX2TuiZF5EzkhGAenVVi3jKz6HdXyT3EvsDbtRqSXN8iKP14YAq7Zvee14jJDwfGY0z8wGmVxOmO0W62m21hAODjyVVAfm1oYSrF9_5c_hmh3sI-qJe6Kt5hyGZDLNYkIV_Bm1-fjmFd4hbOTGoszN49Bgl86--RC0UwKFw4qkwHjd4jBAW6Fod1DoHJY8uSZi4QS9H96mWg_4F7glaXn17oAMXnqMu0GQxM0PN01HZ0t_cTcy_dEfbzA0kx9dd2bGt8kvsAbhG3wvNYd9cRBNAUIQDAMZ2RLvsdmF_XSUhzyvm-o15HOGLAEa5LA6sM0okeEgRyBMKSLFAUjwroTNJ4i7K5wOQPvia4xYBUQp1oj5wQpM42TNGlUUII6GPvOsRBjeJMb11PUVx7p3Gp_2zDUR5QtSzlWjy-rh4MeE5UFJf99LEQZz0CCLbrEwCXUWowLsvEaNNG_D4ZcpipStcQdsTbLYi7k1j48rSET9K_aKKeUsxmWtH2EDZIsP2dLJ_zQk0N_l8tXKmlvuh5RsrZLYMbv9-y4QLMdj0fdPVLVAp0bPEEgR72o9qBY7Z-7z9zX2H-aXtbi6V3LJ6YmieXdy_V6G1a4j4A-mmyMSBFOTgXFpu2dhHd9qDVN1bdW4oLBcXz5ki-W5n8JJfwnNKdApsaeVJS91yBgziO3d-kammdrsx0eHWVYXTrwoSuPORK_rlUYXLersRdFy1L1cglDgNxfKb1T2NqOg3oVtbDKXKT_sBPfXalW6IiM7u1B8Etf3fIn8gTL7d16zhzLCUMkvDEwis6eZOhybX2X7zgnZwb4jj2TffVXuNVu0-sDtz4FZ0ZswFvyxUdT4qWIxIHtYXwDgdAmz9LdeJiPESaiH-kEvLGJ10_RLht9-omdT6Cv7o5NvFC-zSSnM4GQydxFpynzlffdrNWj0j6-LK4KjSf7sDa3xzUKDibDPXZjOtZ9b_oDTBGYwA7Qqw8qUFmle_uQqk5gV6n7l1rNvXRBYzX_qSarpkLE4XuIV8epM2DF5rw9RgTkp1QdZs01rVIU-pnTI-Nj0qmEGl12HdcgmeDqnFcPLWQKi_wQHyOwOskdmer6bO57h1WRWosGYfdAh7qXOvT9Z1KpodNk53mki0FcwO-Ts5Rh_maAnKqCr4RlBKglQZjUm-Nf3nRfGzT30UlcsQ&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=13056785798845594000&adk=2265872549&idt=92&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D5FB 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGGsRbtWngKzPfZBupMHxMRkj2wmJ7ellQa5qK3KdQD0NR1WEvkd7NkZ_eITrzVuS96x3Ml-gKAFTI-pq1X3Ehn8JNLVdxtcSZy2Zxvwmd7KIQPiTD6poTOtRqN7E5f_g46j4NSzi3IkxD8EbcF4pVv3pmQ3D6KtVrG3ykIZOWpBVo8nY&cry=1&dbm_d=AKAmf-DLRmOYl2wLRn0e9aMQzuh__4Z8uTNIV_5cSnnFTdos-PjTZZc5IWFQ9XYSCh0FLBrCMWAvR-cxo2uWySVeqk7VzPwbEs60wj1U9jw6wWfS6pLkhaJpq01fd_uZQLgoJ9_84zCxbbOtU6uuGuNcSfUn0Y-Qza7Hzwla2mvcibBZVPekwm_aNqhW2tOVVny1izkTNy9o_riGNL-tTJHvG997dYfksdFaMArY157kqTm6N7Yf41P3YO8oisOLDkTNcHu3itrxuo_sDTRICKHs3ekxj32EKiP4_uz7Ngp2t4bLkQqnUEJKyehr4629QOrmZWyqhNxYmZTvPZZ3xoG-2P6uaH7IumjYmh75JyE5ASl-HTmr2v-683ubZ-A9u1iuq3xcD-0RtoELuWIPjAfnT9DnvEWkzpX7HnwOZI4wIdUaxV4UKoaal94yTDCbiGJ6_skVtWKWSxoxm67m0dje-Y_3g54GXSo59E8mncOzan1HEpplTLU9PfFPrYYLOkV0zHLfR2MxC_q1O1oiSqYLCthRz0t8b7yqp4qoU8Ua4bHaVTl_eeTyJZu18iSU_AUKdScffGV_sw84zozDr8ZXzDbvbc8kUMqHDSGJff7FRFLyYakfmJGcnSOGkxNzcRnf-K6Y8cAGU2_i_UEc54gsJEjA8wxzS82VuCc7E3_r7MCDcEdsbjoXGbxOzYy623BGutWpNWl5yNHobYhO1WDjAWEyiZKD3F3i_FF0E1jdyCZFeNlfzEErMsosQT3s3xOvMisjgMLvvlWsi1x3Tzvv8zamLgSxv0zNVPsONP6KzCCCCoMhjZLevH15jGR_NCVEqMR8F_ZWitWprBvoM3kaKNnrz73m9rdh1_1Es7DbjxA5dvQmRyBgVxrv713kag-aB2Zt4nXzrLyEGH2Vq1plx0YFXMquk2m0MQPr4QYS-S3FtRt-SdH2DLH0KQ7x0IFEFmdkr5D7Gwo6dzIWm3MPvcUYoLaetH1Dq_v9HkSQVJKVbBj_G3Kvf9cvwfjqTsAyJhljoQiotop6CaC6kOOk-2zq8aQcFq2Th3RA5R57dcGA2eRE6OJ7v6sJ9P_WY9-o5H-TF_Vez9q-adrPTT8CpQ_0vBAHmmQ8rFv5E9g84NFne1s05Z6SrEzkzMU-aYeDEj7mQfqOvoAWTvIl1OBoqiIknsfZgSjNSCW7b3BpxQ54J9C0DfOsFd9NksNLZ96oSpYlOhF3mU7q5qn_jfcCYPh6mRWC-4O7YjmqgT2JpqOG57lTK2W9Nh4c2pLoSt7wUa0lkV2xW1CUpjTW0zTrz0LQFuWUxb8cAJEIBfmasKDNL7PDZYi6XhW5OW4fHBHexSPcd7UuVTbUTQIE2XxakFSjFlILzBdIn9sZEKUPO3gWTjT9GshvmkqPWwGWTmWEgBOYyYGihljvQMT_8h1dYInUsr0AMPWYpz2QKk99h_vEf2G4_5g14jlYOLhDoqCrugOmoaP3zvWX99kLTWxe_yBYyguInWQ0yW5hxnAAqgAxow50k_6ZcijDxUcCpSn_xPsyNssSPpCzK3Ei-T0kjm4VloU7PVIfye7HxUoy6Yfj1VWuZA2_Ihd1H8DsBw8gFeXeyiLsuEbhDkJ5AnnMvjNPzX5An7y8WgCHEp7B6XLBRqnCNeDNbF0YrTQMaD8HwLf3tM21C6IoTrdKlvJ1cB1pycF3KkYFsE86VTiSD2t7P4EClufa93wGlWGYbEOdMqOyix_YjPqthn0nxwpZT_bA4mfYRg7WeuWmsgaWwysv2CgqoOlhJjSkVblopHnx9lATtgPw2HmnTGris-uFuVE3GnETdVmdVOpphjjC9NDIK9ISMyJy5rZumFXUYVpZeibdqQsI-qnNEFjxN6GYC0XL_VkZvZt0u53_uBVfrQF9WwxmiBhSlSZi7URZSJbheoFutpW6gqpZCB2aAy6wS68Cs5bdA1zLeLoinQqvET67fKDFzXEHdHJDRAHucEzkAvXQxpEQmskYHjsif7YtoMaFX7-S-ZRc1wQtvHT41hGRrGq8w2A_bJREeaWTZbmtgkBeH4G4Zcl_9viLxzk5TRWOgYukko2aIhAStFO94meJmadUIs-h6w1T0-gwXf-YfeM12a73QLYIvAqaNiKOkrJ1s278RjK6qvXVAWG3AcbyJKXE0ZSl6UzlHTW8qvGS3uXbbf2N51jk3J2F5lV9HCJ1kigVdJaCO6a96IthnB0yEwps0Ti9Ksg7MFwVqILkE4MhSTSfhOIVjeCIZVaKJzLpXCKX9B807PCIKPFuAlsH1dOL60ucUIp-H8PO4-mmtaqIwx0HosxynCldRdrcL6Bpx38ea_5Z_DJd_YWn_z4ZyC2zNxFhKcMKJLLy2Ma1ohn3mUAISa_fRyhEzo5oVC2SPzZst6V19hOk-GNHXuRC7emt-soylFsmjRhSZLi8jt3vG9tbUgOsILDwqzSnXSUr5mvdBIM9JG9XRcciJdpR4NpTzoUG4ciXgxb5zQ0IZeuOT5z-En6Uh3j8engl8fU-5V_qWP1pOkSRZzJjnJMnprFJq0MWUyNnlmDjWcpo9rZBcI09W6JN8Q-0FvBluP5iDcx_w3XJ3MNu2oOWT5mLkWSsiiq3Hi4FepH7yJ0Y4Wa9A2b8BvgAgNSamOtQoF3eQMf7LdEnPA9DlYK0qtIRn__7-TTz1GGmDDhJvMgTak-5ZwdO5OywB_tjwQZtpFcEbU8P-FR_JLowAGglpEqYCRk3IHpBcNWVm5F9HdAmnCqb-g-qTPhx-8unLS2xQpnZ4F4fk8P-LoKArLf08oco2QNXZopO8zLRUKbdBMCYP-iG5BeGhxwk_g6H8Nv33vTEPHinoB99MYa4wdlEw2hmj2f53jcovt3cklKtAmOiIfibjuET9AsQMS0FmWhSQ3tKpKNf-7z9oUWBbu2UYTx4mZfDLCt-M8INkRmfezeHIlZW1ZZdOHZYxDuDVhRctxMUMR7FkgUUCjT8crEXmoIgJO0LDOiryw7QgDls-7nIL4y46Ga1tmRYt7uyGS967LZqDpY5yrCFavFfkZm6cL3YRGxvJlcHHR7GtfFS5hzt9F8SG3maDCj5K1vwoujtr2S72gD_yHyxKBAE46Qv2VjaX5BKcEum4CZmh3rAasr44Nx8Wx4qRWm-xUpvHwseGbfRXatYa6rdUfwr6pWFaoc7m9BNjLQ4CewzN0ExUt4yvgiFGtrzFO-9XvABWEIkj79k94sitPJqJG1A0V6xTcX0K3CNlSkTEGyxTkN5Ndo9FIKEkbASWj5kqwD1m-9DZsbwDbBe-3gyOC-ExOSNIkI5q0a_5RFTYAxqTrvNKmx0zXThsqrWn9TT5PffvbwJGw3fODqesxpTqaw3mmhjDfD5VgepvFlsHVXnkWUCCZH-nGIcKRKcEWC8RiAfCX-ZsAdjhnwOYNvW3vZJ4rRokYpMC5m3MXefhJgdaUcHOi8lnbtSCTvlolB-zHn_mr8SyfW5zv0aiODC5H7T8grGQdquynBeaQS09BGYIdyuFZJxHdvKpGldO16bjRwv1H5R0Vgi1SxJF76yNTpu0dvyAxcihmBioavvl9vt-3TGtnOmWVIQs68ErohGUMwxSz3fmLIi81lHp-JSHlabIY2lkYgW_oeexKcD5c8cWIYifpixSu0GMsQ7uGqF1YEIYHqsNsyt6GBJPLXLlKAAuqBcxrNgfMrIQRgKvJidH_mM5jvjt6ASKpcorbf2xDP61lIfOPhZHRQqyz4mR20EeLXISsTb17R2rL-bl_1fZ97W4xlPOc0_gjNf5EWOhXmzEdaDf6cS3_FsX5oZombpYU2WLVgxXfTUw2E8UiRwCcQ6fLOhXq1RYwaWOwkKuZ00a3BlT54YAOBBGoCHhh6h028fZ-eT70S19Cc9MMU0rDn8Pi3ZHOl_Klk4-D72wwIP0VqnWoCRt_uUxUC9uRyUj8mBRHFXpEjXoCI09o_psqcZqWPKfBu2E_M8g6CgQjd7WC6-K4pwPRj7mIqvMcD1OOHQYAHGm2J_oIKK6iqv35tfjbBdWFUdOrCY34RsKNlMLXy4z_2A9QFZYAty39aG8_NJw0yZuD4UWhNc_jz_dkEFM8KIR8NpQhdL0orukvY-xb4fXb8o7jtefQ&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=15137135732004948000&adk=3661671305&idt=98&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODg5MjAyMDYwNTQ2NAogIHNlcnZlcl9pcDogMTM0MDYxMzA1CiAgcHJvY2Vzc19pZDogMTc5NTgzODM4OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame D5FB 0
493 B 118ms
51ms Image
image/png 142.250.185.102

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5ODg5MjAyMDYwNTQ2NAogIHNlcnZlcl9pcDogMTM0MDYxMzA1CiAgcHJvY2Vzc19pZDogMTc5NTgzODM4OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE0NDExMzE2MzkzODM2ODgwMDIwCmRlYnVnX2tleTogODg0MTI1NTU3MzQzMzcyNTI2NgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMDIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTg5OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA3MDY3CiAgfQp9CmFyY2hldHlwZV9pZDogMQphcmNoZXR5cGVfaWQ6IDMKYXJjaGV0eXBlX2lkOiA0CmFyY2hldHlwZV9pZDogNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd64b4ef17be79cf0000000000000000","3":"0x757a3587ca4a40080000000000000000","4":"0xa9037823bdb80d9f0000000000000000","5":"0x94962adbeddb15ad0000000000000000"},"debug_key":"8841255573433725266","debug_reporting":true,"destination":"https://soberberlin.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"14411316393836880020"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9798 111 KB
39 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 14:17:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 9798 11 KB
4 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aoh-mpj-fb-n06izAskNQ7obqK4vSAqHUf2kkf5vO79wbMHWWiovcQJdYIOLxBB_X2VOq2Y9xG8AmRRUkppD9QkRLCkaUz5ets5tgH6xMLj7S0yAXLaC6aj3NL9h20m5NHUaFyuAI7Y9OuG2Bg25TJrWRr_VtLu0FypQ01l5uPFNlPT5k&cry=1&dbm_d=AKAmf-C_rYS-Ry4NpF7qkoaxit2ya7MMejihZNVwpiDGDyEvEdLodY0qV3lhpOyfT0dSIn5Ugap59xR9te5uRstTR8FZBUsmVOGo59psr5VBlv8hyCzbpRacHFA45SRasTx_oi5p6mOPLB34sTjKaVB40iJ-mQoUPh5HA_us0g1BxPFwi5jX_mp8KE5QBWjIPghRsYkvad5xVfvVDMV4YYRrUNr5hgAg6JU5fBEDPcY-9mj7D37vDVXaUj5gN8k6QRUhQaDyRZNKPpO0oCVKvuD3E0sAGHEOtpF6ItlRs_-yFWFuJtUjZug-Gs2dS1m4EB8DuBSJAeu9zNlXkZKddGmHZHuyuYQ50fJj0f0bM_8vtBkn534zQ5W56mjfj5beJlqIZSz0PwuKRAYfsdvfhDDmIyP3HUC7CCgJ0htf4-ps6rB80rD0AC3FrTuR0X8c6GADznkroNTG4wRR76dFDvwfb2NJapBTfb1aI4inhEtGdPBPC_PD5eX7W7Pgr7BEuDOD58oGEFYeh_hRpS8OBkSWJrUK_T6nPfPN0_P6BUvVs5q97rOxcA-GWwMxjxKGyOlwyJ7l9lfWJhxfyAl8cLgKvZfSseyni6zqveWKDsqTZU5w02tqFMV9Rp6x9ymcrK4PZt-PYZFFlf30LfEx3p90M4rndX8A6yW2-uNtMTfHEI75p4StplkA4XvCI5oKxul9sjIyZaBWDPOj_iqVpLuSoKzO7pq7YRhzixvlnLGYEE8M5IQiLLLhNHeiH65vgGKndq7HLG3q6qwxBC6N_R5ULlhjCQFBrb0G8DEjvgowJoeIq0O7hr86ozq5yDHqi5Cca-ml_JfTzbXl3dIuVNkWAVtm3a4mqajM9IZBoiqtxWjiXEtN0D66rHcsGq2VJ8uQIhcHYA8HXSxR0v8r7a2GiWbiGVFuwKfCi49ZTJ5b1oBohuhn-DnXWUDpGMeImDbleNUhf2TBsejF3gSyIGYMNGTeZq-Y6ev4w9iUdltbXq7Qb0ulbD2bn2jSSiKyV5w-r66pjR2oddhshOw1HU3mtRWmHa9q8IUdCgofP93xveOMFB_Q3a9GR-5HBy6GI3_6-sgrsK0WF5xt9zklI11fzbsR34pZQQ-d9yyc_NZ7-ig6bQp13XJBiSGO_Y0H9vRhAzkevDW23Z7fUDWbrCl0Dujv11Cs4sKsP9gVU5DRgwQ_kMEyFWAwT81FjJnf4DUwnuP3OBCwTBCpAFEwfif3ub22-li55pHk4C-3_K5SmRWECZOyNbTph5PadQNLHdwv-LoKuynDCXTQebXSQx56VdsLU6Y8VgaC_aF_5zqKjUmkW5uU9VZ7vM2yIgVYzQ-7bqbaA6tLJ8NoQ1usUukOfvZJALUYm8rUa9d0QdAecQcnzxV53KPcpObI9HYL_g1hN7lSyFId5air4lqR9mqQT1HkqLwDknf8riAQCQSeIfCYrnBhsT-d_jQqB6pk2W0x5o9uZSRyTHcwweUEdx3NuS2ufHV-3ckvKmmuL4g_981jUGo9RUB6P6CuaoA3XOafcBPozxl77yJnqLq-maTRoPjPXW84-qxfESBTYfj4pDgzNMOh_MdADgSLTEE3dEBlA8lxyvm-GByAVaB8kQIaRZOzFIrM8gcTJJOT8QTkoWb1ISd4E-0jZe8s8XRDowkTYLqFa75rQcpNIO3mdU-PqFYSxE8WpM1JdKm6iWho-J-M9Y6f_Vk_Yp3qMyk3yjks2amNwz7tDMl-hGz0IDIPE91Z5ZPSJwTib2aZFCC-Gf7Z8NrrP17aiWTlaupllqyuSoq2PBDYSYwOGkStgAXttJwsVRUWW1bZ2rbPEhO9cpz_cf_lX9CCY66fYaKNb4yr0xRZRDOGrkE6IwcXhk-IgWsJ6e9U3rRWR3d8k24HwQd4SplqEhGTgW53iL3j8nrZlvaKrlivOOgygJys_04bryez_YEf7f2SPjazlgl45sPEyNJhK8ofEZT_nUQ7RCxNTmT-0Ws7rjpfH8AMrpOYIBupPaMQcsOHWXzxIgtJe8-omJvXhCO8A0LprcUdko17XJCXIlPoy2Qbjx_KkOnnIjGTRMmtUk3e06TOhqSERn2F2RI1feIDHMqKXVipACEpmNEkPMz5cFhUD5HsZwOkwj7idlFmci4OJm21GnRxXbzrWvlkYUJ-s9gXaXsJu59KZ-JwS9Of6jXB2hR3pDFX6s8rQIod__nFH1_lU54f340e-Ux6ltKPkVanRi5ln5uLHJuQZWdB3LwQBdtyXQxNFpS1mJgat_bLabZYAkKCV2aa5pUnRRISrjFXdG-NaDeQ2n4TOznKuWMeU8e5O3FK4t47lCT_CnCKDey96LlYnOd5KJRrSrh19FMM_szJahHcXiDxWwNPGurhk74kXOfJgAocjhp8b3jsq9kknT7BdAiNeYCKclv8UkeZPT72gjXKuB9PPOfTagcFSQPDQhGd8Ft8-51TtB7HvqE2hPLq0vMqJEyOvG0WYG9is7XmlsZRIoEf2gAQYVrzSTwn8QP9tHjCuIiMss6o4giZu9HrYWxcxDdjofdSqo2Cknzer6UsbiG_WBU0N-lWIrnu4d8-6Tr1xg_KaHsN1fy_hKBD36MBvjxqxzwbsjMf6VuUhBUxlKk4Oq8dl5s3AacsbdVZn9Nu55Ufoaag7amD1HzScCRaV4f-7PAA-5odZ-G62v6V7UBRppW6xZ06xPcPbOqP3JEi9Lr_RwbVEauDz2NqdMJW2rl8Wn2rZFkvRLOgGqUm2LZ71vBIO6IaMYy83k39kMvbLRHHz1YjsSgkUsTakNtJhp1d7jLb6_XHzTPRXAh0BSqquJK0J-extv_N6KZepMM3WSknxVb6riRiHZPa4brSmA3PHxFl3NFc8aca4YZD7_K1V9FGZ3oEtX08GziuBcAexGdKg--4mzxNdueKr0X89XKkoQq796-gG-ZXWvdYBRUCP1PMtBj8rEorCe-9nr_jLiAVsf3guI4Ck5BtoImz7Y_a22LeGbuwW_AkyU75baGdeoYlZA8hRAPwgPyxiJJbUFCVKyyuguPYQVj4tR7GEO200oaoPDAZyzvw8C5P7JWS1NYbu2ZKzbf-SUVTMvp0IUtc_-TFaRbqDeaiHOZd1z00WgFUQbRPlt7jlg72oRJ-ZV4Na6vv7ZWakRneRWvTrodP9ksDChlvVAtxpct9ek3yI7UtVoZU-7DrjQDLr9J42iNYnwg7O-Jtu64VNt_iUsEcSEYu5aoLPitbMuOQGeShHDNhREfHTNKfyHSu38HNp-Bi8PSaNbnr12NXNygtquoWhEfE8vz9YfaiZ6XvSLaO5uL6zCAQeLI7qPKAF44kiwRiAQeMX2GUs5SGZxGLS8unuMgWYulRUkkotox_vLoBZJpwVsiYZ2796MclXid0oM7f_h5RPJLP1YNJCsLEXq602h-wMkT4e873PowOSYk027DFGrHq7HB2RmxHVVRTZCtBhA7y0jh7MbqaeboTuVuP3YfhYSnlKlhTmip6dZeZNuoIrY_zI5m2-paZB6UwhF4hGpMY6VQBElgUXmspiT4HM9DynqzzFF91DXlAFu4KKVE43lGkmt4sUOaLMoOOioDw87Uj2Ino_7fMyXsLcSsc_oI0xfXAeV_9Yw48qIReIJAs-fRI5TCcdsUkGZdVmZF4E5h-yIbFmFsPoaJeO_PvYB3uTzAs3Y07yRqIRLAQZRc112maiM8YWp-xXDj2hAUZEuRrEjXF7u-lG_2yp9XE1RSBipaARD7rak5k7Z2OtRt9jbUUOmIiXkAxufFo3GRdxWjPl-vtKCvnDwMYbNUE24_pT584r10znVt3Ya-3n3tD_7uLuv8MG_lIalGAyDbZXxlpkbtvRuXUzyX7VDuAUhcsisIGLKStUixTUe0LMceRtdi-1IOJk2T0R5RSn7b8ja8XPk83zofFpu8Va0N8aQ1A2G6y_xJkuJ06NsAcdkkFgYdBgzrKZZeMuEDg_zxilNzwMrHV3bLIJJDfzd3S3-8cOXhu-bY53-BVNfqr3yaupqnAJEOpiNYMlhkrxw3NVxKU7yrOkkQjXI4m09Jki1qVrWZSzSRErUmY7Q2xZD_OKCZe4WXJ77n0V7pQBlklKeljVn5FB_c9jfsQXuSIavB8Ej9QwUcdebK_uJoFYoc&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=5587733504146025000&adk=1964084972&idt=32&cac=0&dtd=132

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:34:18 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 9798 30 KB
11 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 13:34:48 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9798 41 KB
14 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E2C 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3048152231330&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E2C 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3048152231330&version=m202309260101&ct=77&x=1&cor=14392911961025982000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E2C 16 KB
12 KB 64ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B89-yY6XgX75pqWkrTWs86tFp3OVVLmeRfW3UE4oSbwVMUUOPhG5Xp7izxRrF2_6yi24FCPkxV4vANlqoxq0a5KGFIo3j9JRG1ZJaULu-c8XioQ-bYTTPeP-CkNe2pIYr2Ig8FA_-L3J00or78Bfw6mN2hwLZJWgqVc3u5qXee_N9_rHQ&cry=1&dbm_d=AKAmf-BrHrP7GADGxdzjNsNLxrdakhOWA54W34nr2rEUsVobA3oXEZfbv2Yx_AqTAsVwgRftbjdHGQfzfQpIwUlvpkXYS-Ut546ZprBRPbD-kEZiKF2xZcZ6dxUpKlPiJkQgtvnvY7QNjYZZXfE9Jh67oUbiwW1Hbr65KvRjRAwUbix7SgcrIngiHS0WA0rJi218pZQLtpRDVlul6lo_-OI_JGAAGKoEWHxbzRuBqRLdaBhv6EI1BChprx96cQ13i3O3jGP9W9rKJvYiTOwqEtnDcqfaAlyDlGWUWYbTYqmv4zeg3ojFObRzlw6TGl1sgJKblV11Q-hd0u92BADoqEX4fmervRzxM2JLpNO0loh0myfH4n4AQdDFAdvMSahdwGXfNIk2_TsnwH6wAvuC5uOS_twze6AsxhcJkdp8MFW-U_6UKmpdl_dibTOkJsAIwz8S3t2ML6AKoVBHgwW2v4zDjdESBzVUpa8D-mFfFBk5GAp2Bl3o-h4xfw2XlZkv1uSNGlDZW2csfB8QX75Rpsm0lT4b7dPDw-o79kjQWTVBwQzS316dRtKMLwA4gEFHxARmkxDI1LPboWXifNmZ7YuvAlHhy3bkwJpsrdBR9j0_DaKEpZdr4DE0FXXQqtGip6556ZWUZhEU7TepAJjxbWITpsVmyvVKa8P8yNt64tvDhH-wr7x7C8wT0OK-81RPAAdCcaFVi1MqkxyD_9emg1PQKi5BvVHIIyzkyDDqiZ_09LigS9uDcVpmKcbQg8ggz0W2aOcsdVhz7YLs805nd67SKfB0WNPyxFAjxKesebn-kC4WhO6MamY-N-wplr_8vpj95fK06eov-nkp5-kb5PmvphGsQPVNRirWaTfqOIcxE19QrgpwxQuG5qOz34xS0FzaVCYUg_lLMWgIgmBz2jr2e1hbmgH0QEggivDWty6e-qINCYGTnkngyuKZ3D__IxMgSji4ty9B2F9xJsEPI5ek-eugdH2XzzRtUJ3UKziem8gfPYYcxZUf09Alx-N0GDfvl5tRumAzHKgtwlMWX6-ii0QD7EVcQmN9-m1Xy52WeebA5Qsialkyz5-mKfHaqqQdrZe0LVFKDY0Lc2oHo2nH-1tD6ipgIKrs7Q9JsiSDUwesujQrPsALwO_loVRnVxY4jjibIaLLGm7UY1uBnA3qNtDkD6-ymYNBp_In8BoUY85I-MCvF34tA5aq-YJjLjXXRRoWPu8VYK3Io_sAkk7Ql9PS0vvMfBUlHbkHHf5T0hCUvqeSbsMaHdHDSDjtYdQYF-hm4uC119c2_ILPZ5o9iUJfHsxwBoXRLynuzZkL1KPCALdrCNAyPKJQT2ZKQNIV2MteSXMbHk3J7ooJzTuCc1aVJq_sX-4Ne-bhitbvvgWM9JscsioaS85807aYEHyLkKtKpYdgkN_QbghoMLCkx9LUwcjfVSO2aOD459DninDs8noChL_poaqRFVMlzJuYLrgddgt2nyixlOawbcE8Jd8_Fg0vc0GaBVG1aN_C0vKFaPU_eg5PyejCaynEtbX-sEGGXkUZIDJ9uivKxrED4zSxVp5-IHRxY6QwzPPLgf9Y8WiICcoD1wZ5_5N5QRD7_oGYTVtWqHgxP9pURDqZ6v-6ltpzzSTq6Fnlf6yxMAtrQMBF5odJ8_MWQ1HDHBOhrlxjpz3QIqMU3_T1YmZlSqWUZam1Cb_LzRKZTSByYzT4kYJWQApb3VWGKZd3X0o_U2EfiktI__pI0qBuPQyEgoRxtGgS0V1e3kyIK-bpH6RsfcaBKnicvxBGt4qU6YL-VJi-ZSr-2_yaWo4vpbLxXqcrsC3-Z97UrJKOwWN6UHNt0u7Xi-eUP6siDz7GJxW-6R9sjNibbqeA_rGqVQ67iXhjKKstVbU6Osp6LkJArmSo84o6oLVMd1R4LtD5z-VRtfE1ePVlpMytZYvqMhTbTfO_Z4nNLohButUDEYQrY-f3aKFI-j73q2jsEm8aqKvgVljvjDKMdBbngd73xsNHzS-jVx-6K4LmkG2dbyxGb1KNA93VpCyl6wFm5WqgD0_7LrIo72dJQPGUBXPB-xq_KmNnR3v-GBr3Qnv-t9drGZreVqlH1BkFS7k6J6T5RS6brgnkhM2T_sAfyqPKd2j4jmTfibdmJFcNQ48jan4Dm4t-k_W_gMf-XH1hY1vWFXmwUrzpk_NpJO899tgdjzssVPYz9XR_7JWjvTS3ri-VhWc1I-znETJeD_dXaoAq7LxJbNbzdtzetGZBu72hgsE5gKCBuDBhmFZSeDenh9LB7bJfWl_hYpe8ePV6Ldqj10gUqFxaYMkOcHD-gayk2yr59gzq_pVxrOp89SzEnMnHmk8o_ffEpInnA-e0aGGLYVIS_WpdP76xkCgibxAst7MTcEKB3_ygFKpGvTvDTnQVPQCVUDqeCnRGJ_chubD2x_jSmn9bFE7QsN1rz1ChJYRnmaCmRR3AIqTzdy-YI4loWDZD2EyqfiBNLGWyS_6vOFkhhJb1lArsnaKXWGT77RLIOp-WKzMS38qRIhzbOpTi5sMAxKklrJhz-pcVmUqEe2kVEVtIiPuo-C2mgVNBmJgtB7Rrh_Cmi0i63Cg6CoIOl72ro2qgsp5EgNcJ6mMEs6r7Jw27vDStO9vlVksz4U-GhlfreETEndFbmU5eaDufe2KjfvAc58f19MRwZ9k3oT4sQCi0tOSG7m-6wgzCobS7fRi0dXeUhdK8onYjkN8U5s5vw-v-DND_XroogbmMsAtZH5d_IZW7ffHWImT09U8gN9BjdchNInTRqbJxCZ4_XFcv3mzRMWRTkdByJGvk01qQiagEQryGaAxMQ1i3cAOaRlmlaiAhR-MohM3OPRcqEmbsum1D21JGllG1xtVrEKhzFb1iN0EmfoCP0KxXJLln9oZDh3E9lZRULcQZaahOqDKkGabIfmquytbAwj-kBX4LElG-Gd622iszhnd04IN2Nc6QPCyitVWaUhJiFpDgnSM-hVH23d0rSh8ljQuFszY5ZkPiqNIqUZeQYH8GsbBHQPOGthqZz9aV0V7YCsqrVcUS2IkzfJCVb8_217xRtJMGuuA712i1jDWNAWTQ1zE5BXkqMuDffTUu9lwneO_MtoeVkvQH8Yy--ot3pm4ac8Uzw-nzhb9vSWyvKS6YQyIDKysh0iV6-wV2S_4C2ipc4tJIblOl2Vmw0tSAUBEe1_B65wPYzbs7h0nakgH6btko_RwBoIwXtiqX7I2uiVc9hNkS3cH2o5xvQmlvj8fZtodU0YevlVmb15DfTZY3tZkPNihEj5uCl8WbTBlZ_BcfBh_LZNDEmdhmPp8EhgJ36p28I8oS08x8vm8rg-TkyvDcqGmAtiUhUTViDC0eZ-Qti-GW0E7jD7XJUGUUrw3JHuTuHeioBDBPguLg7TWh1OzwC65uTIyWBNPmv1g_2MzVw7BgQm5mSiELavCaFvJLc2cwPA0-SGdo3JcFgVpiMoDWNU8LEGkBipdir0Rtjx88qpnWpccWU3dsnE9Rp0V7ukOUGeXOljCkOlCOBESlM5cPkBmwIgcQitQyko8hkrc4IMiPqFWYDYaTRLTgFt_TF-gVn7VkUfrp-itM58VGmT0dDUjxCxLWfM7svCKBC5vQgDXj42ysPc1HcUPGcf0NVaphUM_gphGGpEJMDA6sLW36kliulaT0aSu9e-fdP89w-t9l-aLQoXDieGHzFeP908Ml0r8n4FmO99MaW7VhGYKWV3U9boWA1CYCz47xIzeMSMe57ZBQFVbSCFjzMbQZlZ3UajuVilP7PxiIFMKkqE8vJwhBPP83SWbcmuD8eeaujUULe7KklhbIYWx7E5b-zaqnfHi3PyxUAqKGkhizDGLfqJ4Kk-eye7r94km9Ozf99TJwWwkbrbs_7hi1zY_kZbdr6zwGU5kGpqJVv_re5E7SFrTb0iw4iOnxi21LQFA5uQhBUFe8cdfRa5ted9dkKdSirDwz3BY8IwzJQPyGuxVphdGLVA721Pu6URQdFhwuKrTzMwMkLAL4jFxnFtgIW390NaL3TMuyvTjsFlipDaez7MZCmvbK_6fFLORxMYdfYieFysN15lYGGV0SqE3Jl7sDjGJe2IAa0i2okKyzXlUpTZ8kUDN0Zg&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=14392911961025982000&adk=2013371551&idt=69&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e537a2e24252a9277d5c712181b56384d4276bdd4a90eeac43749f65e72ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C92B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l...

43 B
416 B

177ms
177ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f8ef9e184d903d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 315
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQZYF17xA4zWHIYNVBNU51W-5AE1xooHLir6Q_IrIJ1MgTXQS4W-MEOhKAXn4KiQq3AS5_sGzrizH3oL79_Tm1CuNyjp8l2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f8ef9d1fef903d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C92B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmTOzRly7ZzDQR6VHhtiVyztWZpFXnp-LIlY6AHycSbXCW7jLKP8sjCkH6xOKWlByA_XfSbz6zGiL2jVSjV70jJ_2g1e2iUC
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmTOzRly7ZzDQR6VHhtiVyztWZpFXnp-LIlY6AHycSbXCW7jLKP8sjCkH6xOKWlByA_XfSbz6zGiL2jVSjV...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmTOzRly7ZzDQR6VHhtiVyztWZpFXnp-LIlY6AHycSbXCW7jLKP8sjCkH6xOKWlByA_XfSbz6zGiL2jVSjV70jJ_2g1e2iUC

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmTOzRly7ZzDQR6VHhtiVyztWZpFXnp-LIlY6AHycSbXCW7jLKP8sjCkH6xOKWlByA_XfSbz6zGiL2jVSjV70jJ_2g1e2iUC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Nov 2023 02:27:01 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C92B 70 B
148 B 64ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENmsdv_VFLHf3Qt7lNbH3TI&google_cver=1&google_push=AXcoOmSkc-qcKfYHM9i4iWzXjlyaoNQIIamF_APcG3rYCZBhwpcw-K_GdLCCy2a_PsUtqQCBkEJvjdemnWh2-aMU8EW8wUKASbUjmg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C92B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPOB_M908T5l_JAolZnhnn4&google_cver=1&google_push=AXcoOmQRn3yCyH5eQwpFXDhoCZIliweXxo70pkvEyQ3egqNrQIgvU7rPvC33GwbO3_-PUbfstXbkoUpY14ekeMzpPwf6Hlo...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRn3yCyH5eQwpFXDhoCZIliweXxo70pkvEyQ3egqNrQIgvU7rPvC33GwbO3_-PUbfstXbkoUpY14ekeMzpPwf6HloPmjQ4Eg&google_hm=eS1ycEJQX2h0RTJwR3ps...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRn3yCyH5eQwpFXDhoCZIliweXxo70pkvEyQ3egqNrQIgvU7rPvC33GwbO3_-PUbfstXbkoUpY14ekeMzpPwf6HloPmjQ4Eg&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRn3yCyH5eQwpFXDhoCZIliweXxo70pkvEyQ3egqNrQIgvU7rPvC33GwbO3_-PUbfstXbkoUpY14ekeMzpPwf6HloPmjQ4Eg&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C92B
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOHy-n4tLodbXQzzDjn9xg&google_cver=1&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOHy-n4tLodbXQzzDjn9xg&google_cver=1&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM9GjCTmgcLqc0Q&google_hm=HlizuGZHKo5w2VaUQ1af...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM9GjCTmgcLqc0Q&google_hm=HlizuGZHKo5w2VaUQ1afSrYh

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQuSm8wZkxQLY4mEUTEOw13EQvSVl-NMFuFfyPYLfNwm07I4fc6i7j-BbFHjyEfNASgwv3keAPN80yO5bALM9GjCTmgcLqc0Q&google_hm=HlizuGZHKo5w2VaUQ1afSrYh
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame C92B 0
241 B 24ms
14ms Image
text/plain 2600:9000:211e:8200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHXe7iVJ5tWDbwEWzPQQABo&google_cver=1&google_push=AXcoOmQ_OLf0mEKz6FbZdG_zvSpaHaCmu2pJ9Ah2B6LuXk2Ea7MY4UPThziQs0-nbcuRZa49eFtLt_wEN_auDxSFWWUjqk72jEsG4w
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:00 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
cache-control: no-cache, must-revalidate
x-amz-cf-id: QqP1GPeDGie_-xdGvqxseATOI_2glJPHwQFktobTxN_LvZfHWodLAw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C92B
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO-78qtRFlWxhy9vZvibna4&google_cver=1&google_push=AXcoOmRARZwgcwCNRn7iU_9yvrGMyGUwpQ5pobK1HzpsDalwCzYx463vdWOqCIFC5qTTgx-S_fAbMS_VJvK9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRARZwgcwCNRn7iU_9yvrGMyGUwpQ5pobK1HzpsDalwCzYx463vdWOqCIFC5qTTgx-S_fAbMS_VJvK9uar6yBgw78WddF_mRQ

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRARZwgcwCNRn7iU_9yvrGMyGUwpQ5pobK1HzpsDalwCzYx463vdWOqCIFC5qTTgx-S_fAbMS_VJvK9uar6yBgw78WddF_mRQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRARZwgcwCNRn7iU_9yvrGMyGUwpQ5pobK1HzpsDalwCzYx463vdWOqCIFC5qTTgx-S_fAbMS_VJvK9uar6yBgw78WddF_mRQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C92B 0
12 B 35ms
27ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5f5EuSN_kDhVNzae7QcnCUNPTp5mCKzfcXH0KZjeMk57MBkVObLIX2CdLblc6ug-VcFOb

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 th
www.bing.com/ Frame 6150 23 KB
23 KB 12ms
12ms Image
image/jpeg 2a02:26f0:480:22::1726:62d3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215645027531_10GVQH5DQ8DZPIV6Y0&pid=21.2&c=3&w=379&h=198&qlt=90
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f13058f8e33a2752f1e99c3a75217b2c431fde5f566acf4d9495946bbfa8188f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.13d53e17.1698892021.291c3eee
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 23539
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame DB6A 12 KB
4 KB 66ms
16ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004491&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 55aea8309090c3158b82809c83d6510fd2a7e4e5374e8970208396aaed3971bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4237
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 397E 12 KB
4 KB 66ms
17ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004493&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6145a322af6ac42116785ce0267857aeba0fa9552d87b5a8b5b155344c61f48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4243
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 0A60 12 KB
4 KB 69ms
19ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004492&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7b8e3cbb933fa5284e93cb904ca3d68dd4484bfb2c131857b0ab1f7bf93307dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4245
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame E02D 12 KB
4 KB 65ms
17ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004495&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b7b5283ca4d4fc3a724a764611872b1f927daa71c0bc4e6ed74708ec8dead8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4238
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame D5FB 12 KB
4 KB 65ms
17ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004494&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 5a79c650e527667f5b5ba1d73cdcdfbce80004a5709862f8f27ed3695c00612b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4238
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FEB5 1 KB
644 B 13ms
13ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9798 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4daa3dfdea734cc54404aaf6b6015b01e558f9f6b3912498d6d97db60d297598

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/17952959967271059456/ Frame 140E 47 KB
12 KB 22ms
22ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Fri, 01 Nov 2024 02:27:01 GMT
last-modified: Wed, 15 Feb 2023 15:44:22 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 699C 0
0 64ms
62ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwybkijAI582mtJxzsqXLFMBxwKHTm8YCfQiTlb6WrhXtOHnxhpyPmDra97FGUbu0qFQ6J_Hy2EDzSeWTpAPmIk9AMvKdb5Br0T4tJVSH_umm0c4Do385Cy9tW689pOhCQGr0iSpAbO1fV6aFqNt5QSljV9bnwNIpgm83Kag6poeqXwLR0_1t4XxkJK-Fc4kFnOLDiiuQfltzn8CwljAKEPqT8S4fjQemxGxTXQ8D2e0CnGilrVK5nCOTF4e1udJF-7YXSLSKcL89woP7I73NJsIx3HBBuj7JgONc2sn2g-08E-Ht9SyddvueLCd0oJ20jsm0_WEEw3IuN21q-js0rc4pUhV5vDdp_SeMywEVs3vb1wGQPcLzi3uPXO1jFgrtpUI1lVZm7IC-yJKYxS0cgJil2M7QcRKI6NvnYYIIPi8NAn14BOLV1CGpSaO-HtECUfMAkinAcWd3hiyIljxJakO5u_5aTsy5_dJ2KScWpS-MJ3Unyn-VHdeP4o2Nn5pm0INu78__7oRsUgLW6vgZ1OSwfFlkrxYO7dLvfeSazzxBmIPSoXjnOd_UrpLkm0DN2jOq63hhydRQZ7ttvfYu81hdvX-xIL0RbbstXzzRQbzteyWLtun5bK0kop8UbZZ3U53YF-2Epc_DsP7nwyJoW4YOkTH9Q8MMeKQRo2vlFN83_YJ41HtpIyJH8A870JHNJww0cV3ajMlvxdnBhybrchbYufp-oN1y8TQaQmM0JBjzja64Ju2lnpNmILgBoEQmv2zMhm6POLHLWQUrROU8mCmDEQxKCl8hoHdHc9-BGicYIi_KW-qB_7PL6qIHetwiSEJZnCOSqXBkO1XBLj39BTqcWIsvvhVF1EBvv7zyY7sLECew09JpEVqKoN24kNviysHOPvyPbdy_w_eiMkJa7WNNkyh7bxxTKJcepN8cbQ4p5H_3cD6gpbu7E_UT5Y8t90T6TIXvP0l4Pw2QjIU6tPQstOx9pv_MZGGmux-DJplLDKcIN5RrwsH4EK_-b8iDT1v2YCqr6S4k4Njec-8S4yGb-bGHF55nsQ0SJq1wz-KzXAFm61XO0LySGAiDSUJwdKXML_i2uw77a1XuEEwJsJKEkqnkRxtKkwq43TZW_k084RD20FemW5nI-s6Itd2CojESqnJY1EGbxx4sbZqmeZcjNYx9leWuKpLivIuTUR1RnODCQzcVAN9oIViCRCawk8JzPshFqsNM9-pgL4mi8xJ-KFTc7O8znUZRk60R2n3_1c_izYwmSPhKZ9jJwPIZ7Rn8LeCOnKZcgE0f9sZamBtOO77VEMx9p1UM36mwjtucXw1kGJuosUQbOozD2i80usRQQWq66adwkpmfNhtpQoic70aileI9NQXgaCyuJqpgEg4wD2BataxeuSWtfubvD95n4tihD3g3FRRxegcFKkfcwlB4xgTqjkbfZ-4IEqyDJLfe4ZRV5c8xV7pnYLnSckBAKimmiBuaAhuMKqEAqrubrGMFl0Stl-LPwvaBuL4uXhQ1WgX6Q&sai=AMfl-YRN9VYjDOJYgNthUtfDointDvITa9eC2TNYf9CWePoE-62F9zTND1E1NEX7-LgKuZV4OXLgC_gArnW4_7BIelng-qx2zuFimjLblKMj62N6hy5C70ENBjuNFKUy0TuwsmcKmEqFMCQ-hk470iywAekYbT1ueGih8B_gMFHtVeXVbgV7VT7vg1RDpyVJXS58-zXd449wGig_MplIib_BmNE2sfRhFZSDkO3wOHhUhpbg76o1W0tGNZNp2MkmaL5ktpuyi8ZOHrQsr5R_OpDl-1IwvcnaeKg4TUEFT9URAdV1S6BivsCClIogwCVLEN9CndSz9q5uuzmucCLfpddjbcnZy3672kT-Q0M-RVtBG7eeH7aeZN8fb1gxqjrIaI0-QSn0eiiOiVs2mL0d6eDnc7UgTOb2d3rb73DrVN-kjY1q9sH9JA&sig=Cg0ArKJSzNHI8sQdsxCNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1169&cbvp=1&cstd=1163&cisv=r20231031.07431&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame F3C8 38 KB
15 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 6150 0
650 B 69ms
14ms Script
text/html 185.89.210.101

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fuploads.jovemnerd.com.br&e=wqT_3QKFBOgFAgAAAwDWAAUBCPORjKoGEP_shaet37D6GxgAKjYJfxY1rmHvzD8RSsL_X1gqzD8ZAAAAoEfh9j8hSg0SACkRJNAxAAAAgOtRyD8w2s__Aji1AUC1XkjjA1C6iYq2AVjRxwFgAGjcAXj-9AWAAQGKAQNVU0SSAQEG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEGpvdmVtbmVyZC5jb20uYnLYAvAG4AJm6gIfaHR0cDovL3VwbG9hZHMuajopAPBYgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDpZhW4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQF2ViIBQGYBQCgBbC0zPrfvIf1dsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFoOED-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH_vQF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=f40011a27efadeb29d8096e3cf59975cd540990c&bdref=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fuploads.jovemnerd.com.br%2F,https%3A%2F%2F6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
an-x-request-uuid: e8e7e781-537a-474f-a342-9e162837d53b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.139; 178.162.209.139; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D7D 38 KB
15 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 58E9 38 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5875 38 KB
15 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FE5 38 KB
15 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 529A 38 KB
13 KB 17ms
16ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 699C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb05c360b1134673894fd0e873e8591f5056f787e7319ed4f2aa40050ec0f025

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A20 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7oB2I3RHjsnxNowaz7QS_eN9vKqazmZfV38T1hXEtqZ6zoQYlNp9bULORB85lCWofp5HeaLlVi_WdNYuilZ-Hsz9WcKZiGm3g0AZPHZQVYeFJUl2FcmN7GgxnY4g_P5v_ihi5_WBb7UYE5ogbg1-PV_8WdQf78lgEzWZHAchVL81g4bc&cry=1&dbm_d=AKAmf-BRDE7PKAmgLDI2k3Trj6PwMZ2A13zoyIgVbhtdv8buuUvQP56Aus7y1mwAx9UTMKkZKUm1LGU3i20-e4WfxN9hBHEOfDjQbU1LAkzqYAoJTCQsToSE2EA3ydbL8-ey4bvJ6WpEA9T9RIxAVAWM0nJ21b91JiUgAreMCVTEdLqWqjmQQpunCcGHnIYgPwz0zFHFEtDWKyLbUZo7r-ERkTyBG-nO0hxJRI9driKFBf0_Ev8ivlRKrTQmWAurJsYrDX_hjc0msxaX1saJYxnxk5Quo3CsVqd1SabuIadcCvqE5WYLM6q4l4nFnnlgtJFOEfBuN6s5ZcqurL8AHUujzgonX4EylZP-Ea3MARXKoE6_ObIPwo7H7D6a_y7zuXn1dLDsKduk0MkvDiNiIwBFCTNdmfkjVkLwfNptmT8mq6EFEwEZLzBZokWS2bEPIgTS_1pI_htKgLmvoOs3rs-lL6Q7KXdlvZr2FoQkqPmEkBvIbOhoQSYz0ImZv0pb-IzV-SiM9H5xhtVIqDmC_Iu4j3QG6ocYIOIOt76TOjlwStdSfvNrDxp70M1i76ipy_q3Czc3sRlutzYM_UU3R7g_WugnktewB81K7wd_KBYXB2xP4cft90nMq1ElEN9iwjCwb54UJCbRVkUngB_WPcJu-IfFPKvPhcc49wNZAaOil_BZus_4vQdW1CgZyVpN3Ccq_zdRp4R6LA1ABXgBD5D1BjbzeYojtjmGJA491oAPvTEX0mqEB0SCArOmwI2hpE5fr3oiVRTG5QBIgNqC55XXMlMBWJ8wT4TLnLx4P3MpuvSxZDRj0hUcTFMOJhEfSQO33BbH4soRuAmNRz_KOswrE2nzHMBLWdB2WEI_XitjZA0cvvyFTYD4R8xPkkUglhtUgRrVFbPMtcIS0sMwjwuJ64SoqFpcEw1GWzUh4-fTJCMlwx4ZBJ83I4W98cdNmDQ7U5Yizr5580gImy2fsaqlkjbp2_8P6Bie8FmrHDnqRupVWz1KZxK5y34cRuxhBwYt1VoPop9B96bU3V5Tw1Q6EentfO6tCa76UF3ZRB_qhPLffVB1vpda8Lz71lV1ApS7P4M0O-ripoQKk7D3uROjdk87Ke1Lu_JEeaTjo2j17twgXShPAhwI3KJDLozv1huQKRp54tDuLqLN8ZIcLIn0y_EFy3f2WWZWGU2Q4hmnxsqRI8AP7IehzvF5jFbQLN9vk70a6Wt3oeqo8TLdL7tYCeHpOk3t-X8wrSJcZMVUCHI46Qp-fUU1DxluzPguwWt-aqOX_2w4NVvTF8gars-bSfLTbNR3LxdAlmzVmwIlEKShWTZPxVxj3OUA-0jX1it36qNgjke-a6FuZlqdKlaYN3B_1JMYlCwzNtQjvBtpuSA_i2RAc1lcYlUiaUYY0ra-hz9Ndav202N8EVnXKcYuNzwZw0o-5nbXldDuyulDBgeMME7QejMrbrvjaL8kdodjPKYR0D5LRe-oU_wUb2NBK7R5javSFDwjrYwD-5aRI_vbxQGuO2gfzxY5kcH34VCWmpMombH0x5C2RESF13CSglklJBoY8Uvvh1G0W9Jiw_xQEHGR83SOW93eBddXPOBKLx8hZ0nluK4atCl6GlQDHTnJgg1Bw1NIw6lO7A0A14YIQKKCTr_1sGr99GJ2KLc2HWASs80MldChl_nQe6nOtLCWNVy-n63nsdy7AKyLZ1_O3xwGRPekE88X-2y0qmcZko5IgHyMNFrmLpAau62p1pOYPNYXRLHrrC6rh7ib9nnoE2GDQ8S9KhwuENXWITDnWcNehTOQnyfeIfw72rNYhoiQqK8zUXLRWvQbJPTrGISW67jNVpJToq4BbYuaYCKT-Gmk-BtQ4j4JOnfHYfkjBwYzh-QTkgIj9vl82Xjljm6zJIz81kHUTZ1lpmYCYyS_qguyyLJnv8itiwsb-Sj8rj4rqLZy_rSWfln0chkGvArT3tOKkHPESziVjrRUjGU6BxnDIUBQ3Pzac7_BtiheE2bX_1ydXiELju47pRYG4IK3UNabSB6BnUoQt8NMe9l4lCqdce3aQx91l5AGjOhku8AbmRDW3eWYLIFI17afX3-x4a48MZ2Pm5AyluMd5GQRHGWLP0bXuuiIgFcIeobjJAocrrhVvpVJFb6z7wHKSe9LpY8y8PrjzXrm2Jme3BxEiwfMuLeJZ0IDkFyEsTyIV5dwZF5_13-Y_xL7SA359u9fZ2JZEIhp9MI6QdoaG7NEc_sXiRKVdbF4GDvAd4F9RhQJ2WvqKwVT3346mviaGH6U0dYDkHvJccm4GgM43VQ4xuCpq_K6thhv1-kKqajIiXPVmTK40JAt4PYDCH44ebIUMvHCrQtEtaFBGo6acOlcTEIswCdLBEEqAbNF--MXjd9zc8xCJQH_xWALamvgkKJA45K_V07oTUdxYSSKFhNws9Ve06UiWnLM7kQ0-ELmoWj5AfO7nX4G55k7AVruX4gL97L8bqFZHIV9XnPr5w6XJ-qeOzrcH-e0v2VJmnbOKAG-Mq6GEfl-_HCQVR8abYhA86K1paYvZozOPMy8vsMsoZ356wHLa8ysvaTmHOopFfrdXpqbSNsAsTzT0IW7DN7xmcTNWEPzCmYGk3SzjaGH0FyZiyeqmJgwUcJPQb_LAJtnYaVL4W2Cfn34d-68_I9ldpeHzpIpWbmVtglTJ-CM8M638eJBtt9kZKA9z00C-TkeyG8YT8_yoQLK2nzhx8sTsGW-Q8wzLzYBPS0DEegWiewaq1FiB5MZAmfSXyzrI3-hIXgcdNi7_cq7DZC_0yva6t38DJbwuYdKMNeTNpdqxaT4AJxPRc4UBEWaqkXgoWNZtl-CWTUf918FNBqfaufjDT2UpY_FGPpXggq8blTthFDEW3JsMt1iJAZcdYO1KOxjSLevmv0Sw582yN3l54WFe60BKsLRAqC0GoNub8-dl_qRa-o8YiIMoMpDfw_yw-PvbPbNDooebMHDYfh7IPacYJoZwGGesL6KhcoBXb0j1KGHa7RuIfHJpZ0MS3nPkvTQgtwlfIY9tOiQwK5UZxoGOcacbZ7wMpr6Ga7_suCe8DgVSqcyuOp9ZZu3myfDa4ZJGvluTIeRl0jeaFb2JREtEjNGT_PPZqyDS-9CHpnkzC9OPHDMlXys5NrkRhtSVomCcQioACWDu4ola7kna2jphKwu0EsPYo92Zi-Y6hoYjs7z3-pgFWzaU3jsdGzPbnQ4JBGdYDVI3TDRjwIGNQ6yv3_xzLSCPdrmsdFEQHK_iV44coO0I0_MZMU0Q8K5XVpKRZi0M4dR7UXYen3aZskD4bUmllW7AloHLPktMYoyUTsaT0ZZP-Y08BtXQ57S6QA814lJKb_pD2VX-B_7xuxxdHgyMkq3jB__lwryssm8DrHV-_s-ATogxxWdDepYVpmrrjn9SVJp8FnjXVTsoUwRf5Ti1lUFbWcRfHKwOWhZS0ADLx6OSIPxZ5eGrkmM6dd0Mg2QdtctC5rKfXqiPOudexUHbK-1l3LdzVF9zdH-98nDHIB4VprqOVNrLL6uXq6DGcVRD2PkvpZIOl2fvgG1PYEU_gFLMB_2-Wd-Yk9Py5XATY5rqnVHsdZd4cLRCDVPoTBC0H5TQhSuHm1Xltt4UPc6kY0BtmBezi84YdIhL6JXuGcz06d1Vp-4RGnk4AA9CddGOYpn4vas7Z0hBHgZ7W87cAtn0gXtsZ9-RE92I7I9FV8nQQVCrf84A_6c4JGBhA-tnk_wiPJkrtbszPcHGLIx0l9ePVkxujhKuPjzB3TZGU4I9fEFL6vHHWnxC2MYH453DIM4L6qq1uwsGqlc0mAUTC9-HGz2S2rwyhqb1OXbaIDTrVOHZoYtiTPgafNAWW1d_ZE6FwMfyYbzmPQeQbn3eFobRdL66meOWbOPMkR7_TbGx49Zy7vLnDyLL5NVyzFqzLjzT0BkU1tQRuvygx8bvOwDcPa8MnmaBcq8Kro7lXwGWcOquhhiX13Jcb_Zv3r7wLMjIJkXGxmiQSkz5_FhxZAmogX4MHDpGB7Eb7nIDet2k34-0HTsf9Qz6zjQ37zlIgToTCSHhNVKisbr5Bh8HrzdQBYaRD-J61QWtCgcBW7nf6M2E3xmZQa9d-3pJpv9bQ&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=3902820229449592000&adk=496764934&idt=75&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E2C 41 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B89-yY6XgX75pqWkrTWs86tFp3OVVLmeRfW3UE4oSbwVMUUOPhG5Xp7izxRrF2_6yi24FCPkxV4vANlqoxq0a5KGFIo3j9JRG1ZJaULu-c8XioQ-bYTTPeP-CkNe2pIYr2Ig8FA_-L3J00or78Bfw6mN2hwLZJWgqVc3u5qXee_N9_rHQ&cry=1&dbm_d=AKAmf-BrHrP7GADGxdzjNsNLxrdakhOWA54W34nr2rEUsVobA3oXEZfbv2Yx_AqTAsVwgRftbjdHGQfzfQpIwUlvpkXYS-Ut546ZprBRPbD-kEZiKF2xZcZ6dxUpKlPiJkQgtvnvY7QNjYZZXfE9Jh67oUbiwW1Hbr65KvRjRAwUbix7SgcrIngiHS0WA0rJi218pZQLtpRDVlul6lo_-OI_JGAAGKoEWHxbzRuBqRLdaBhv6EI1BChprx96cQ13i3O3jGP9W9rKJvYiTOwqEtnDcqfaAlyDlGWUWYbTYqmv4zeg3ojFObRzlw6TGl1sgJKblV11Q-hd0u92BADoqEX4fmervRzxM2JLpNO0loh0myfH4n4AQdDFAdvMSahdwGXfNIk2_TsnwH6wAvuC5uOS_twze6AsxhcJkdp8MFW-U_6UKmpdl_dibTOkJsAIwz8S3t2ML6AKoVBHgwW2v4zDjdESBzVUpa8D-mFfFBk5GAp2Bl3o-h4xfw2XlZkv1uSNGlDZW2csfB8QX75Rpsm0lT4b7dPDw-o79kjQWTVBwQzS316dRtKMLwA4gEFHxARmkxDI1LPboWXifNmZ7YuvAlHhy3bkwJpsrdBR9j0_DaKEpZdr4DE0FXXQqtGip6556ZWUZhEU7TepAJjxbWITpsVmyvVKa8P8yNt64tvDhH-wr7x7C8wT0OK-81RPAAdCcaFVi1MqkxyD_9emg1PQKi5BvVHIIyzkyDDqiZ_09LigS9uDcVpmKcbQg8ggz0W2aOcsdVhz7YLs805nd67SKfB0WNPyxFAjxKesebn-kC4WhO6MamY-N-wplr_8vpj95fK06eov-nkp5-kb5PmvphGsQPVNRirWaTfqOIcxE19QrgpwxQuG5qOz34xS0FzaVCYUg_lLMWgIgmBz2jr2e1hbmgH0QEggivDWty6e-qINCYGTnkngyuKZ3D__IxMgSji4ty9B2F9xJsEPI5ek-eugdH2XzzRtUJ3UKziem8gfPYYcxZUf09Alx-N0GDfvl5tRumAzHKgtwlMWX6-ii0QD7EVcQmN9-m1Xy52WeebA5Qsialkyz5-mKfHaqqQdrZe0LVFKDY0Lc2oHo2nH-1tD6ipgIKrs7Q9JsiSDUwesujQrPsALwO_loVRnVxY4jjibIaLLGm7UY1uBnA3qNtDkD6-ymYNBp_In8BoUY85I-MCvF34tA5aq-YJjLjXXRRoWPu8VYK3Io_sAkk7Ql9PS0vvMfBUlHbkHHf5T0hCUvqeSbsMaHdHDSDjtYdQYF-hm4uC119c2_ILPZ5o9iUJfHsxwBoXRLynuzZkL1KPCALdrCNAyPKJQT2ZKQNIV2MteSXMbHk3J7ooJzTuCc1aVJq_sX-4Ne-bhitbvvgWM9JscsioaS85807aYEHyLkKtKpYdgkN_QbghoMLCkx9LUwcjfVSO2aOD459DninDs8noChL_poaqRFVMlzJuYLrgddgt2nyixlOawbcE8Jd8_Fg0vc0GaBVG1aN_C0vKFaPU_eg5PyejCaynEtbX-sEGGXkUZIDJ9uivKxrED4zSxVp5-IHRxY6QwzPPLgf9Y8WiICcoD1wZ5_5N5QRD7_oGYTVtWqHgxP9pURDqZ6v-6ltpzzSTq6Fnlf6yxMAtrQMBF5odJ8_MWQ1HDHBOhrlxjpz3QIqMU3_T1YmZlSqWUZam1Cb_LzRKZTSByYzT4kYJWQApb3VWGKZd3X0o_U2EfiktI__pI0qBuPQyEgoRxtGgS0V1e3kyIK-bpH6RsfcaBKnicvxBGt4qU6YL-VJi-ZSr-2_yaWo4vpbLxXqcrsC3-Z97UrJKOwWN6UHNt0u7Xi-eUP6siDz7GJxW-6R9sjNibbqeA_rGqVQ67iXhjKKstVbU6Osp6LkJArmSo84o6oLVMd1R4LtD5z-VRtfE1ePVlpMytZYvqMhTbTfO_Z4nNLohButUDEYQrY-f3aKFI-j73q2jsEm8aqKvgVljvjDKMdBbngd73xsNHzS-jVx-6K4LmkG2dbyxGb1KNA93VpCyl6wFm5WqgD0_7LrIo72dJQPGUBXPB-xq_KmNnR3v-GBr3Qnv-t9drGZreVqlH1BkFS7k6J6T5RS6brgnkhM2T_sAfyqPKd2j4jmTfibdmJFcNQ48jan4Dm4t-k_W_gMf-XH1hY1vWFXmwUrzpk_NpJO899tgdjzssVPYz9XR_7JWjvTS3ri-VhWc1I-znETJeD_dXaoAq7LxJbNbzdtzetGZBu72hgsE5gKCBuDBhmFZSeDenh9LB7bJfWl_hYpe8ePV6Ldqj10gUqFxaYMkOcHD-gayk2yr59gzq_pVxrOp89SzEnMnHmk8o_ffEpInnA-e0aGGLYVIS_WpdP76xkCgibxAst7MTcEKB3_ygFKpGvTvDTnQVPQCVUDqeCnRGJ_chubD2x_jSmn9bFE7QsN1rz1ChJYRnmaCmRR3AIqTzdy-YI4loWDZD2EyqfiBNLGWyS_6vOFkhhJb1lArsnaKXWGT77RLIOp-WKzMS38qRIhzbOpTi5sMAxKklrJhz-pcVmUqEe2kVEVtIiPuo-C2mgVNBmJgtB7Rrh_Cmi0i63Cg6CoIOl72ro2qgsp5EgNcJ6mMEs6r7Jw27vDStO9vlVksz4U-GhlfreETEndFbmU5eaDufe2KjfvAc58f19MRwZ9k3oT4sQCi0tOSG7m-6wgzCobS7fRi0dXeUhdK8onYjkN8U5s5vw-v-DND_XroogbmMsAtZH5d_IZW7ffHWImT09U8gN9BjdchNInTRqbJxCZ4_XFcv3mzRMWRTkdByJGvk01qQiagEQryGaAxMQ1i3cAOaRlmlaiAhR-MohM3OPRcqEmbsum1D21JGllG1xtVrEKhzFb1iN0EmfoCP0KxXJLln9oZDh3E9lZRULcQZaahOqDKkGabIfmquytbAwj-kBX4LElG-Gd622iszhnd04IN2Nc6QPCyitVWaUhJiFpDgnSM-hVH23d0rSh8ljQuFszY5ZkPiqNIqUZeQYH8GsbBHQPOGthqZz9aV0V7YCsqrVcUS2IkzfJCVb8_217xRtJMGuuA712i1jDWNAWTQ1zE5BXkqMuDffTUu9lwneO_MtoeVkvQH8Yy--ot3pm4ac8Uzw-nzhb9vSWyvKS6YQyIDKysh0iV6-wV2S_4C2ipc4tJIblOl2Vmw0tSAUBEe1_B65wPYzbs7h0nakgH6btko_RwBoIwXtiqX7I2uiVc9hNkS3cH2o5xvQmlvj8fZtodU0YevlVmb15DfTZY3tZkPNihEj5uCl8WbTBlZ_BcfBh_LZNDEmdhmPp8EhgJ36p28I8oS08x8vm8rg-TkyvDcqGmAtiUhUTViDC0eZ-Qti-GW0E7jD7XJUGUUrw3JHuTuHeioBDBPguLg7TWh1OzwC65uTIyWBNPmv1g_2MzVw7BgQm5mSiELavCaFvJLc2cwPA0-SGdo3JcFgVpiMoDWNU8LEGkBipdir0Rtjx88qpnWpccWU3dsnE9Rp0V7ukOUGeXOljCkOlCOBESlM5cPkBmwIgcQitQyko8hkrc4IMiPqFWYDYaTRLTgFt_TF-gVn7VkUfrp-itM58VGmT0dDUjxCxLWfM7svCKBC5vQgDXj42ysPc1HcUPGcf0NVaphUM_gphGGpEJMDA6sLW36kliulaT0aSu9e-fdP89w-t9l-aLQoXDieGHzFeP908Ml0r8n4FmO99MaW7VhGYKWV3U9boWA1CYCz47xIzeMSMe57ZBQFVbSCFjzMbQZlZ3UajuVilP7PxiIFMKkqE8vJwhBPP83SWbcmuD8eeaujUULe7KklhbIYWx7E5b-zaqnfHi3PyxUAqKGkhizDGLfqJ4Kk-eye7r94km9Ozf99TJwWwkbrbs_7hi1zY_kZbdr6zwGU5kGpqJVv_re5E7SFrTb0iw4iOnxi21LQFA5uQhBUFe8cdfRa5ted9dkKdSirDwz3BY8IwzJQPyGuxVphdGLVA721Pu6URQdFhwuKrTzMwMkLAL4jFxnFtgIW390NaL3TMuyvTjsFlipDaez7MZCmvbK_6fFLORxMYdfYieFysN15lYGGV0SqE3Jl7sDjGJe2IAa0i2okKyzXlUpTZ8kUDN0Zg&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ds=l&xdt=1&iif=1&cor=14392911961025982000&adk=2013371551&idt=69&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 02:22:26 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BA3 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EC6 0
0 52ms
51ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7pV8DDZiyGnQt7ELlD9I0WRNz1U0BuRfl77Fi9JjEDVjcajNQeaNRkkPvDROm990Dqp24Xi--kOASZ1r_zrNMQK6uivbiTMiNLOC5Eg6KcEKc87tMRy5kO87JjZJwQpqri_tR1MX6mhkTNVU19zPjSL_ZqoCHfeFmqY5FYf8l7WW1dmkVf50VxdVX1hd_yvviTiIGdJicgqFgHPRAjJSSdwSb8RyR50sWediPiq_Z3wazRk40QGFJKo4YX6DCDxbXrcndCDllEYf9qyFMGSigeHobJCLR0qYtRuzJetxtWUWOUYpjv8NgcFU0VQ5s8LxriPb_nYwsYkytLm4_7cUqjlFIk0JHfUtfmrjRGhpNnznnkq1p6gtveyrTRZ3aN94tEsINKoDYFFjRuKVa84XCweR8F9zx2R1WugAAVXOD69A7y8RffTlp_nhl2UJz7jeRLVLRomG9YNcrJlCjG-Yydmlu3dG-gZQsY2YHVu102d9Omn8n27bnOY1DyPkZQEvitvvf0WvTLkpNUKycoF0RZAHfKTLDV9PHGQ9Y3xK6J1IhZ57Xa5X_WZ_gfDoAgi5TnB-6rXqQoDAyA1vK15pOWhz21ZHHk4Iy7YQxJhWqn6ROdGcnAKAxpRnBgI0LRYptb-qBHZw4h9ONDTp2rzwrqvdeTE0GegShMzOlTiqt6G-8r3TxutEmij9UvScAhg0dD_xEDsNHWi4HfFRglbk6yB8aphoWVIuK2WloQYUCB7i4uIUru0bhSdLr4FzVtCqjgUvth5Sskyui97NSyOJT-W5agqmfU1xdrMIKyGHIVPlxG5nhHSGkPptmvivMzGLomYZwalbXAsUD8IBGnrM3q_tWGhn-dGoSLkxo4Aif5RH6TzrJqc1n1h0tv2WQTpc4D3WkL_WvnQJR45Dfo3NptIETBh6oVwO2ur_22s8IOBcw-AVg4W6mo76PgOV8PGHQq2lTxKQc2ONtF7JILujpkLJ33MJoYJZlJXd7rvlO2_az-P0di1GxtLYwDlMCZ5Pdk1FxKmRB3vMrp3E9pdIe5REeaBIkUACyCSlejLE6qW-s-awGKovMUQY9ae6rtx19d6pT71gP_BLBLJetCuHRUAEQlqMFGS-LMTn7g5Yi-XQMXCmTv0uH1aiMcjdk-2khPz-HQg48o3lbqlG1E-cI2waQDaREdKV2IzEYZw2aX5gvDG3tEpjrq5oi5bqI0USLjuN7BcSoAGpEVoCUmReKitOSM3jlXTR21EH52xkEUhiSE47yR6y9lM1cOt4D28jKfdyWmrg7VMfzbKBBh4XupZ900WKbThZSzZoYWajHV4DOfU7dTM3xTlQU6xzZ9L9vIAlgaqHrYSXxB4oWrsEjC7vDljVbHnz3Me5D8JNuB5BQUigtMb6BTCjVS93Fj62DwAvuwMLO8A-hLCVYJ_cdoobuNCNqDOnv2TavkT3Us1MFbh38Ie_NsGZGvB_Ww-rTKKQqqWdM9qOli5VZ_FCsMLiI5f1A9FtFEL117hejnyFJdQVQPKZyqw&sai=AMfl-YTZuZt606Ata0AMIOUgsXOJu8AYwNCu8L0bRAvnkF267rBBa0ClrdaN2IrWa6VxJ4LfOyYMe9OSRRhPCd4MV0ERU42j0g1fnzYcTnpKubHhdpjCPqJdhu26rXjGwEbNvOS752NqspaMUnZbSg3RPpmcoPikH97sLHrUZp3w2cvZ3EDPphgnF5LbRlL273iekHIzB9muE9PYSKfp-Vw2FZ60fyfAobv-wGBrDEvUOhtypoKnihY1O4YYyu0Tr-fb-wnu6lAgFQp45y5SPB4jj7SK6zJs8_K-bhGL8Ddq4XsdWK2uvVV0aICdONU3W3xg7GPIc0l5chcGy1OwlNSAb_VerFRS9YL5CmR5wXgDL4Y7uydrBUdmCjzKiL8iR0lOl0y6eRKbkvmxRbztbya4ges34zvuPqWaSW12MUJe6Dqe7qzibQ&sig=Cg0ArKJSzLlzhhmJZ2a-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1400&vt=11&dtpt=907&dett=3&cstd=486&cisv=r20231031.71926&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame B46E 38 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame B55E 38 KB
15 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 788F 0
0 53ms
52ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjHCpSGniLu8RMXRTrgcxmx_RUBR1PpAzqS5eYTUfxnexwohZW1Btz3G-3nAG5yxq0laXdL2KKl-mRWY5ERlEncY-iiwts8mN2CXdz8wvIXn0-4ciiHoOPPUxIv-p8pluPy4vrtMvWGPeCSFE1xnpNU-jT40d9N4rmfg8BnmyicHJlQBCcLVU8UMQs2flPWjp9FGBbIM_YJnvhGljhcKdvRW8sApI4grpmpneu3Y8VfM-MeqeohWbtL3lYwhwhEYa0Kh3x8j1OQRhoEUSS-DIVCu_KoTayj1aqetU7b1hjGpPbCsiVBze_iv_AbhQnzRWHZiQdkDfXE71xxYr6gwW6eeymdibZ7xDig3PE83UauKDeWFVrdrkBqg2u4Z2sWFbzUV0xlEZOsZLsJv5xNr3k0T17nUrcpWfmbS0i3XFN6ZQQcYapFYoE3IthfVsh0UTc-Wc11wS1L_TGH4e6SO9k0SXnRaZSJEcq5Kc1OozQNzXvJszr4bkAKJE9HsOlZ3btG1I3_xe8eOUVQIVWfYsPCw8lmYi_MH2RyMTU2HE7fFHCA3acqhztGTyOpq-oBZpasepBiDrT1pgmjSggLKNcehmy42dUhZN8MkiZeLA9b8jNQb5piObeyVtGq6aZlWx82LuJaEzBy1dL_ZHgqh6ti3FdmhiTHWMBE84Gxvx56Sty85qMCLrRx7DpFJgXtQ3U3DJAsQL63x_M-_oYrHDbWn-xLjeMCRw9eoQFHG549IMXQi4qFHUPcXMa4Ow_7rT1auSenoiC2X_g5QsABBOJuymKfN4YLDxz7eavtCDgOaUdDOoUrnvBG8QeB30-Vq3C3CyHs1-wqWeWO5p08fn9j1r6v6J5z1VI6TzXE2oCosdaZIDp8p61jIht6-loXEE14CIMd3WsgvWwupSYxW5StQtmyJ3ip1FZQVfP4dTAvzSNZIwImjaUV1b5VrYHnwGvpn8PY0ItU9vqcuL6b1aNJuU_PV9VsFBSMZB2FGuzTcKf18TnK7DaZBKotm6GfT1ury1XgFuUS4N912ypfLGOAQIeF0365QQSNmcR7rgk8jNOewQgvE2sH05jMNcrk-zMtTo36XkP_XbfRT3ahHxcsI7YBlzGC4cKXVHls9ViGItBvAXhCsuEjVK90YkYJmtVLpV5RJ22I3_bQMLKBVhRvA09yA1pf741hl25GpwSI0yimLB0ZjiO_jkHEF_5pr-X4o90t_MQKEh3tQv6Mzc3ceFIk-F-v04Tfm5-TX2O2Ys0rh-N9IhU_r_HyT0SAfDNwpzwyEEz6fG6hDUEkQW6grunFaOivl6xwIsR7fAcd3E_OqmklzGS6nvGranfHl0VC8D4pcq9qgmZ6JUo04KaHB8ClNFlbKt7vM7e9AxfGaQva0xobDhb4UyhB0CBe3xMDgF4CpVXhHty7-lAMpTCR1aX-nEfXvmgrgy60SuEXbKlRFSNDrD5wg9VrvKQGjzdQMI8IxhVg5VsK4RIVzpzaLhFAklAKM8f0Mh-StGrOgUHm-cgULUknA&sai=AMfl-YQVOsAZzIU-HmZp2tT5Kpx1n1LsdOw8mB5CQ9olLnd0AGqntKd5Hu0cW9zCn80VAXkSUrTXhJsMjON6-n-Sf0Vb1Lnv7hQt-4ODKTXh5cnfxOl_OjMUIbjft5sVpADnnEhTdvGoBcDG87x4O4nrboHWLgF4R08foh61Q4SyZWfugmKLSSFu7lnSOVYWHztMJ49EuTe4fjgATXArQMOmOoQFHGgGKLwEASe3tEwi52v9HHDWuAHGl-goCWKERMXU_U_neuD1BKpxhvZQHlFgJnuNqP9Z8jp80L5ROYa6BLXsILGYs7rMF6fdoerChxysymcef2_tVTdCOLmphbSrUHcW3xBKuo16UUJk_KovrwpqCWX9Euu8WTizwR3ZGTzIYg1ll1cSYeRVO7L_YwFxntJ3pfqNkFXeUVdHiZGSlF7WvdNGJQ&sig=Cg0ArKJSzNUsssrOSPVaEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1442&vt=11&dtpt=933&dett=3&cstd=502&cisv=r20231031.70065&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2451 0
0 53ms
52ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCyI-5h8AvnngGYIiHjQQWceBreXfGtNFndC59n2vxYD5bLZw8A1p4lH4ydUL6UfNj9630X39pWqkaFDHd5sVXZKg7xobTIDjYTUy-jke2MdnwOarxWq69qkQJ7weoRoqzKqsMchPi9sN1dEeQGwrUsHxBxpAfXF60-x_lar90KiaFX_9GvxwLYyxVGSNdKMztqaiB5dr1bmFhyjylbSk3Ek8M0iG1J60ds--8Rg-Tbt-4uNy5H6ktIT0ubdI9dbq_7Yf5ZdA0w9yu0dCC94izB-d66I7xde4GqXxwXcTqWfnpQ5YtNzdg3b5iH8zPamMphSoUW6pUXFKus1AN7I2GHNQGdFxPtN0PWyT5ROP-btuiqdRhaYi3Gnza_3vAeU46COcEJQC8g9yl8Q67ENkZEW_b39MlVnYz0XKSJlB63NFjhGp450XwPbUjGsOa5ROt4V5vhdSsUsYfK_bR1GIn3HEp1rKks9QZupTgy7fgcpUgxf11oDkIDc6rdkiATW407UFJU_UeChkDi0Vr8pga9gFVpKbxBNK663xpTy8M7hSVHJI2dpt1O6oLtpdc2QyArRq1fdIHWt_j4RpZ5lsK8fFESJAyfEDFFTBR_umzbInbvm9amFgs-Q_u22owo3Ah4xr9nNM9M_O95vhO2VZF6eQyO0kK164JzxYsKezW_K97zCvok3Ip8C6x5P6gzxcdlNcsg9xMNr2MF3Ay_5XsoG7NuUBhM60yO4aCYUxeDWeGHua6vPMqAvn-js3QWqtVDaR3RLA9LDpZUU9tsWbnHINeIy1pEX6mOMyq2ZI7L8RnDc7Uh0mOUa81Ny_eH2DPKHgYKJRWjHEdTwgW2RrM1tuBhxGk24fv-vBSRq_w_MYooLY-vsIxJ75DgSAClF-GyUFjFC8H_Cl281-o3YPcPyepuRO6Mxes2sj_IrypXKifue5HenOT0EMpTC0hpl4GyOqsWwi7qpGZFICAk1M-4llx1Z1scfSH4r2c7p2WU86WL8oXbLk5FvrifzXqPMh7ZlGhof6i-Xjy80cJ290dCHDHXvjWbG0XsOLxn07ItgwXSJ0FooVhjskXdB7D_Y2pIs4lqGCj0k5qiFKAW2cPP3ZuRVQXN33FEssTgxoTSwT4VkKNFNdgTeV5NA8U84QwSS72in9YomzbV0w4QqO5Ydk-GrgwKxNAVvmJjgUDPUaop_TedeNqVNefexbf74I25hWIVZeJhcJc8IpbDpvS_XHwSpwA13U1w1yfyGH1xp_7yrtzOoIArAVXVE-yCUNxyfpW-nYL0jaPlXLm1UXQ-dHZ5qE5EuIQA4MCa91V_hDznd_hCS1yGR0XbBdtUgURqqzt991E7mA4oOzD8ETYRKgwL-IgqyV4VwYNMZJ7Eb7GYTHvZFE7AISdBXkx0ekzxS7cmXhRKpNhlBwW1zb29nmBq2tBBn77DrOhRZedrPoAnxoc4TJ1DiKP-sj3ByUOirdI5GYYY5exrg9V141nBrhph2r2wOhb8IfA6jRAyfNNgsV7lTTZCw&sai=AMfl-YS3OzQlKKXDkxoYwpeRoTrjSqYwC0L0JYH5JJFDz6vQA2Vx1cjDITS769bMlCPdjrd3ZlQAQLQZ8Q_MdWx_OEhkSM3BcTyn9c4w8Qkr2V0EeBi7Z4vceq5I5HznTM95ASqcrP0USIZltGdE2zuZl3dasc3iN-dwDIbdSBb3SiRPpzu-uEuem3ScE_DyhhZkGjjWyBhmKYozQf8ceI5xVlR3I8MMKrI9cLeUeo6lw-jv-EbvFWpkE7MZwA0Ypvkw7Z1xGlHBaB_dm0oDx-RZCdYIkkUUTgIb_FsULlAYij6UIpKM5I5l5YwRbSGudsa2GX-htOBx5OwC-2wr_pfr72JuLGQEVj77LgGg9bpMvKfu_YBziDR09XJJ_ryDhQwLGzyDFhyHZtTYvirMeldSLDS87JHrClsoLiwxPrwggHV6gTH-1w&sig=Cg0ArKJSzHHDD-fBZXRzEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1536&vt=11&dtpt=968&dett=3&cstd=561&cisv=r20231031.50786&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B91B 0
0 54ms
54ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRSbdSUiwMi_7VA4gbTg2QYv3tE4_SwdRexjScu4fpCMf9ZuqhYjtLmfWjeNa2uHlFPEet-pscgp6ERp4x3EUo0cqiUcHWvKmC9IlOrY-gqzsNU1W-Q3J-DykpP85P1hxCxvYzqp4Te_h1QSmPu7n0EI5tdGfq99fyhN8Kkzm17_vXbX4UCXZG1pFN-5MW0pZl0qoecGdx8ecR96bjYSUOohqP5JaaKefkBs1xQyJl_FUj5ziIofZZbOQtmZp-an1bP2ksnBAHCdMO3PVxqBpF_EApqDN5IV9CAmHjXitZrA4Rp-9zxWVrEewiiF6-yB-YILbsQr7oZaQdw6sip0bHRTOfB8cbplwKsPtdHmoZAZvDhlFSQTOtdNvYtNFUhK1vsAtQLJws0kKedB7wUm2CA53q8OH88glBj5bxuvGgOOxy2Kju9iPT06Fo6eUZ31uYE9qPWnjXDxNqfiiUJPdmy6PSQ36Yb5XseG8OGzPXcfc13q_WBUZr1Vd6VJBc5rKU3larMxZzPpr0bAbtPVbUTAs-mnMHvB6A9ABf3jquDS6YhSR99dOXF7DDsxmQ7sXPbVAvPYAAxeqA4Ms2cAZyHA0JMYePeI0NsGewxVE10U-Q0ekeZw1qLFeUQPq2QTE_-vpjjy22jVAnBb21phPV1hvXAcMChiFY3h8p3sBq0_6ebBEah4jnsZiAOKWl3puB_mQSeipt6CTu6tEqwHTS0a_I2rvFdhNfR4iWSuZ-CHXGp4NGpKc7Xqgsoei-S1_p0D_PlaEXrbRznZdadJ7fjZK9BePAqEoQQ59xtD8wgU0bCbu_JFXWI2JCPRmMY1jeYQvs4oFpxtsyjoiygO9PuLwgPsCcb6LKIhKJu-wiM8DjByg2POI4DC2N4crPQZps7iiyIAvdQzOI1vpIjqd6m8s7endp1KGWe0GrRBUciEwOcFqNgdThXjNr4D3alcxW2y0L2b6STdiPvMDs0crBkNQlUAVkreRo2jwmaCQvU4AvrK3i9VPqReV6Ts7ypnPY_HXCAExeWlti3L59XzyGPrtWOx147goXvP84F21GxOeal5NoglhUSt3R-ie6hZEMtoILOXCfCN_QZTSUHwf1xpaeShh-h4afkngsq8wVWJgveH2MR6f6VL3jPizxSGd0tgW_ttN2vun9zVmfELxuSu5G0zDYYH41VRrduM_-cX5jyleF3iDpJ1rzr8zLbQRZKeKKHawr4xxVorcj-FAE2rxtrA_leGe90t-QiP7vGDUYSMTxeZfNqc27T32p3wP41cBN7fNY_xLNn0H5Or7OUuDTDNAz63ccyvIiZZ3_Dz1vVjCLlM8GSAvOTF0Z0ESmLnveKnW9xSS47F0vgaPAmlLn_jm7ZJQ_LOKiTMrDBN_R-OymUNtqJN4Hbfw3ydVR9Kgbna4VWPFgoWGcFxASsaYLuKaNwbeAfzmco0tzGcbFhCIcTYh5G-NFjjje8-W7hRzXSPlNjSGEQI-kRBRT2YW5dIiET5GA19SvixtTMcEufbX66ndDCQ&sai=AMfl-YQlTUoJ3G15yuxDEB1kcdDhgoSo0D-VXZo1gIw7oth6YSnoRQkLph6GWUJpwSktSBlpA-eOjHB74kg15BqE147sYULwdOsNvQTaD9ZtGWjmGqwMAj6XSfxDRPPERkNhLjtSeCVYHR5jAQvxwNpC3wpbBOw2WJhTVhNwM6sTRxant49UWGGMVORVDpKVV6p1Y81BHSgvKXIPRYDTAK3jTbZbU3cQ2Ec0XxCNS7qNJSrnS81zGHxlIoMjhTKQnSx3tCMNkKhvjgY3p6GB91Ipzh7yJgQPrUvaEWjmWPvCnO5cKmIXL6f60Sh-b8fqY-a6xRriH1LDb1GWz4YXgCLDag-7Ofntjuk18udZG0UZ50bRGKxRLpGlel4N33To2R-o84qUkbYv0qrBlsQ0EMDWRUto5NSrCFSHDVR-XMcUjJadr4hZ4w&sig=Cg0ArKJSzHWPUVB0OlzNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1375&vt=11&dtpt=878&dett=3&cstd=488&cisv=r20231031.01544&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8621 0
0 52ms
52ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssk3LHgJJyD2ynA3MnhnmSGD2lYP5lMzllQ2Nj9G93idVvkOT6YCA8WBWxIHEgaOFIeU3qW9tuElbgqSOOpvWB9ElKI59ceyEl--LrnkvG_WpxznhPRYaJrz_U2c4Nh7UxvT4UhfQqXx-P63YufGMEnQA-Myos1TjwQqu5UmV2d0_o6B0ApuzeKchxYjPqDi5gR60UB7OIY259jmVsvfnBan8lK30rht51q4CLmB_IEgwmmQF4kX8NP1S_na-DT1VVVdFB_l8pGZ06-eiZVcPNw4R6ecRjvEB1gEwumyhawZwX8qMYKsIWjJjOQC0smQOqbLr4IJ8Ofl5PAXAFx89iCu3hFQlLSk33HQZbcBr0YGTg-l_uYpF5uoMRIooVnnEOLPbQac6hQw569XGRQyF94svzhAYUBlOVsUUkDi_NO-jIRHWAnvTJj6DUumUHV9g-3NjDpTCUI388fz2ju7ELRtu0qdluOP-kquygq5MEojP4pR-tEXIfmI2MixyhCrgzIJRJfFpE47lFymW-6cMBJbiRL-CDVCWDbUmwZOccjDiDAPxNfDg9sjRU7QDkjYQ_2UYCkh44cxOfZpiM_krU3Er0X-pIeA_RF24rmJMJjGLDQIQfRZkFQjHUr-a2NTJfby9ZjCfBL5BixZWNwasTyzygp1Xlnqnx9an4m3Jco1wdX46INSfzNWD_phMHeWxJ9enNPlSiVNc54kv6OzISL0WodknzxWzd841IjYdR2mYU9OuEF7Jb--vYMpBJxA2lJon2WHBaBxUoPXHQNuCJcycR4ZqT_IylaPeWBFunqOxCzu7pc4djTmyaep7yN61uh_XiGMCUUD-0nIciwjzDMXwfBu57VPqCTnj7LTRJBZU5IdeGgjQ912ZD_ylstSK37i1QFmMRw1QNhH3sY0UMd9XSYRnSaRotl0mPuE0g0f_Hj4J_44AjdnUPDDXWd_BRz8qnPAy2FPCp61lcxH0RpA2qne1CMqezrdDJFXOPuzqxQ_xxvR7VosuXyL4gbYRKknNCbN2BcE24S0nwdzpSHd-4Y6iP7XYZFjXH9_dAaf3yeiE-pV9R14eAivQ8M1KVgHFWc1dOvbsf9DG419G26BTSzRswwnKhRi9Uq59023TMiVravOnXLs5ejYjk6EdKfLoWVVon43Hzh0NBZyjaupOuOcUQ_cZq7LCQ61hUJVnZVpOOB2Hug3gTWwVDjRlxaiMypGnTkZN-dgIx9DU1K6tKxK3CURIPhh9e6lVWOS6hozs8HtPR91lRc9kGlyF4agEnv753623SlzhHOo6q_NpXa0Of3PKPA7oj-ezUZfYaPpXFAIkmzV_3ngzfJh2Jty9n8d3FQ-AzGrmtLttgtIrkEU9xbDXsO_uf-IS-sO8JfAwBblqThIUF-f5BZmirKcHGZOSagltlTdxFaXLtIKC6T4EJpIJ4gpJnfznKYeJ2lNoeVx-MsSSTyqw0vYB9o0yP2XXZUYLGpGuZpIGPEA5GjDusqzGBVUC7Vh-KUhMEmbRcX8fxHrTlv&sai=AMfl-YSKftcqtM7JgCJM07GA5XldCvswW9HxvbCPUGW2KxwjpokLeHwMtbj3OCEOAckE2yWrh_kJ7twVbp0sEiCJnTm6_XZJrpdoFYfOX171i5xtbFfaPfz_L8Z8rzrTvRXAv_OFF1t-R6ZpYiT2HdMsUwDJqu5DqHWt1G4AGfUoBH60vs8LqB3BMQkbkU6XG8Q_mdlWmsKS7W77VBCM2ND2nnAlbs4IKUCCrUUcjUB3-IHnIJWE9Vas3GiCP-RS2v85dkorsiushqCDpPCelPqqPtDbwqgCXoxLkcM0mn1U9M422QDiLEvT4fj2KG6b8AOQ3uG63Pmslu9z7PCu65i7JKnv4ov5Ol27bxNkk3NTCFhXqemCaeNL8LUeol_GgY4iLonhWzUSD7BGoQWR-D3Lu-xsydWZX103XKk99evvo2EQZm7MJQ&sig=Cg0ArKJSzLo3FYXQpVmeEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1340&vt=11&dtpt=831&dett=3&cstd=498&cisv=r20231031.21826&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F16 0
0 56ms
55ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZrZTYTxRI_DTYqVg6uY42AE4FcPOxUBH9Y_mEt3h7gqnLdZeraWip5H6PbNakISlWlLOpoSdgulIArCNWgW2BxR4eVGj1kHhucngkxD2s3DLeqlsHsLK5BUN9IQNlZ6pNptkonPcBC7Ne7trVrALOdOX9UEPTLuuVZhsbeI-Tp0uIAkO8nNYQajDTWYtfaRMVV3x7FRuUSoGMwvNdaZMw4LdSIx9DYsCBunuv4iTvvKG94OhpZRY6I59NhfAHufrr63gZsPnjlxwoHTrwqSpSoNEWn3Dh25wM_duCNlxnkrwqYTlmOXKd2fTQQ93VXhkz5GUeKVHZK_7JZIlQM-yc3rbCMmw-aDXUyyeqd3Mr0l1K9tPjTMKCbVbiZVjB6u6CW7UVGyLb-PxTDLjBsBvBI6Q4rOWT75XuA7Y74P-T_d7HyQ03yoS_SyfFTBQ3oPmdvavGxLAYqzTef7DfluzBrpkldsN4Pum3_WKzk4e8w1fDdCHLVbrkWphfCXWb0hKZeapSavlNN5q6Jynw5HdJslYmXLTXv3uANfwRi3bb8xokyuLcSgdsGiTd6QDvUJY7MnMIlz4J9s8aXy2wfI4DKJvk0_ZDhLDFStsG2kGOp7DJqqOGc1J-1r-V8QlBYXJ7vto8eUvJaSCguUHX5uuni2F_3oSDjFyNG349W7o23ZjsYJo5WCxDsxfF9PredaWuMLvdr54Oy0sd8oxirJX7E-Gi8-Jdog-I-l3TdiUEe0YRlSvEbJbu7vFsSdY-6xlai58ToivCYjfvnCbX_yY-DjvYw7TDeBV5iid_OgvXTRn0UfFDWDyCu4rxJFn4dP-XwskW5agGwwG_o72mWxYBDMlCCd7VDsAg0SUqfYfIBBWPvxMNmNLjne5qufIbMf1RFWYldhlcnJ8J1ghUFVCL_32z64t7rg-pVZzcxynpqKxrzV3EpYdkREsZrZaqYuiTgRG5fmhLeV3WZg5HrJR80QKiOj9SDHj84XIHVBr17r3w9nXiXlnvPGhE6SCUm7aaYbzwReDb0dsLrqcKfZK1RjZtYS-WwemQxxQ4EYPyMKAPHOTcdtldWNV9t7JTH0N0z5xDf4HNhr8DPmQuFSs_m3-KV_P4y_XQY-WBMDgRwuMnL5Vv0yndtkT6EoZIE6y7rtXDTrI2Ym1nRSHc61DWzKM264_pIsdSfDIt0PonJxK1XsAsNO5ogWmfeH2BI-fD95S8V6-RprFYwzUz5e_C4HsLFXvkU4AqwdWjQYBmMPOtXdREcFl9MlmCtefPkC3erED61puEh4KRnBascuF9XpIZg_2b_T052xN2sNIPkDGnbf7o_oMc-w1bU42UvPCrj3_TXsAIhrLFzhaeFwZ7Z_UeN_AcmDE9-OTfVQqrPpxOXXN1UNsw5sK5GSzU3N_yqU4MkF2VXdgmYzGYPdEmBFWGUUR9UhpwrsaAxn74ZZdspQrz4ARnALD6gII9MHdD63ZUGSdvAT-wlzBtsqNcU2hsjSfbX_c48x4RwYO4-uVVc2Ru_eX3SQ&sai=AMfl-YS9szmvltba-e2LyE9vYD4uX6uHaZcgdlfBFCmTM3a0i_gXM5y6VMVRb3vhKleiJ2DdZQiJbDcohJu7Tahs0T-AUbE-Dtvzqe4L_gEac9ovnApYi_i_klakuD7KNgV4mvGbk8B8iYi-IB-9FSk9qYfcoVBXtXNxB_wYSbu4NPNWwMwZGbDyS-i9Xivl-TpA5gCD9sqnM6lfzimulfEWFdTspuARHEF7nMzALG6X9qyrJpfFqzoU9FN9MQ7V9bP7eizeSzxtpLryQPTF4ioRespvKWF3XFyBrWwM6UBXgm04V9bJ-VSw2zL8xStlSCEKAsLBTYsHWFYKy5i1O0SsSXFWE39uVkvxRzCmL1zbCdLxvdNNJGRbhA63AhrMRUfNjOcP0fMDVIRuamiuHjtq1DkFCst6NOAtTv2ewdWm3fcfxLM8Rw&sig=Cg0ArKJSzMx6jjrcu8_nEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1486&vt=11&dtpt=998&dett=3&cstd=478&cisv=r20231031.91986&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 140E 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:45:45 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 140E 63 KB
25 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 94B0 38 KB
13 KB 19ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A8A9 38 KB
13 KB 20ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6765 38 KB
13 KB 19ms
16ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A407 0
0 57ms
56ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6zGaDQhR3pq72H5WCSngKmuFQm-_LClkv4annNuonNiq6uTB57iVzs_6YoaIL40zQ1M1NxUXgw8QyNz56AGof-RYJ7SH_iuwzdXqf30EuSeiwzHZcGRDj7_oNM7yQ9PXKz_wHyGzX_BLbvNvWcDLhfoArwBIqWJiOOk0_GuVinnvN7pjrvmI5bQEgUm2EtWh70wa8EKYSO0y9RhdLSrAABPYwVlPRjoGGumGS14s5ORdlHI1Gro3EUwhDOp6PAgmFuz_tMKUgz6g3PSc-BQutARMLFAsQLVOIxoS2Sfb2JfpCf7mxzfNKHqGi21sF9CzO3X31dVeNqdjw8X_hnwrqEZWVlhSdThSFJIaU5INF0_ytjnZU46HXa0RN52bj70N_3ZDVv2ZywcbL1nxc56M5Mdvp73ix96fkbx6sEIgieMZwPNFfsx_N9JUWU-11hYoWTfQ1O-6mZTKByrm1lAi2dkg9wGZm55ATGOPm1ddUSZDupt3tC4YlfVrn_s7qPRudPUA0fVT77KqElot6jFYqbVA8aTgAo9DAOVwL9hF0pZ2M535buThWqjJrKnlTeNt6LSkAZ9F1-vxHb2jfp28k8Ys7k0-p31BiVTqNHQrcS-yG5Ir_VtkLkaKJBi48q9Ng58EMtuew7l9wWMKpuIy-VHodQcJl29uFPrDpb3PLLXwPPkrOqia7EKAEVtHGgQb7sW7BKTqYtjnOBvCvXHhzWZcUra5tMyhH98HUBQjz0Q-ajGXVw51oPg2OS2BMNCIglZwc5IPnz9X1XhzrlQ2uliBWf5C5K_-kky3_Os3p4jnFQZULqFH4-fX5O8pzsxIOuk1zOGGxFxPcOXydHvWVc9G_7Ar4GAUDvwcX-iuZkKX5c5dnaApa9mUskaZf_2monMvYHwn09Zc4MBcV1Cn6qVT9ZcoTEUYNXySa82C1NOtn9graNAFY6QvOpeOvyXq1Y8VTsR_zT2YoLRg0iPVnYNdoncrXtlx5lWVl-ws6ajaW086pHpBtztMlVpDxN57wgadrlmhCIhkkNgioXziKWNrmAEuXZP_1OGi0y6gumvGfHCe46bm0Hh_SAl7VOr6pnUHvJKsaE41oVkhZZDrN3sAxwtHm31QXMOW0eB6FCJF5ONhqsMtoO8iDmut6vOjObUsnmzqFH1DwY6BvguTN1qiRy0jeMWBlaKYXVRFggv_AEYQRl3BjC6T09GIP4emaVxAp8-Ki9GJbi0ZF72UpZYd2yy4UDqXzdy3YaTgVVng-JVmmMEZDBHQ0g5gGXAm0J0deklwsj0qwcSXVJ17otGsfRpTcRwkqwKRMeBIgQTUP6y6w9R8C52sJTRdS-6k17_qHdTpviH24ZOhZHyZYifZ6HeRImHyMpcKnhoQQJQ3ui9ATmbTwcJ39GrFk2IHHrKU1ilKdp9O0vTX5nNTLOCK7IqrNK50oovd5pVXgxnPAIXd8pfHagR3qmmJPWcimgzhDfL6QAPyojlSZ7dDO5jfKbMiTLVVKlz14WnP2BnLAHLG3Z0J4WA&sai=AMfl-YQOryAWrxWblL2rdkudJSySF4EUR7PuiugUtFUQ0v_VAyb6PlGAXr6BBF5y_SYDXJFWBKQD4QQZ_VBTzAig2r6_54H61doNTMeGJY0xBLHF2A5VDVbj5GflWFrUsfKgfY_SRfgv1VjsQIddsulnSEoOAP0XFhcIjP1SxbrNRu98ZjvGZ_rgGuzqLimsQuHuvzX3fw0v-0HuQRyi_F5xzMSZ5hil-xvn-T7a4gewHBUWjYgvjEZ1uZeNGJ066dyxJ8TSQ036PU_APPBwpG_lwqkmGCw3DS0lomOCliYNQJDaeiL5gF_bzinTuj2gcIGE-l8fgW8z-mxjFy_2WGYVhZ6J6eID1jvPkJ6OWsIVm2xEcjXcAExHoqvkCtGKFc72zphNW6sP6uN9giwibYwrcMRjm1e7u4FC43PVHODynldX2IHeXA&sig=Cg0ArKJSzNeRAKn2OHhHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1439&vt=11&dtpt=906&dett=3&cstd=527&cisv=r20231031.99593&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BAA0 38 KB
13 KB 19ms
17ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 3A20 12 KB
4 KB 42ms
15ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004496&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7kW08whDZZAj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9BPBgp-7uDbIrdekC63Kid1_YJMIWU7zjw6xFoWhQF5hOxQJOzgeUjPSCiOeCI80cj6KdxcYHCJsECfsa4EyzfzspPV2ESe4JYvafLZYSrkYRCDJJlEEPgJ1vAcAINJ1wL8SEKuZEcpCNpLCCAB5nBcV7Q7gfgcFJ50pU1pJR6MH3syPEwkoshASaSneZXzRPs1E6ad-x6q3PHDFO0pfx-3BD30vVWekS3pgIYP2n2qVbnVtxmAEy8Wh7q0_AUYBUpU51Ly7ozhA5QMUqU0w0TVMZMcjB06V4_s79jYW-RF7wCzry3EeIMctfyb5ABSjrUX292nAigiQy4o-VFMHBvZQTXKF7kXNua7uXCaKolYdPoJ0ha4kp9rBO8zQuCvBDW2bTx8xUxdjE03YH4visxFUurABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwin5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_3TzLOF8xs8cBUrwFJfI0A2k5XK2w%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BbLogJ_waemr2NuPkNanKYHqgV9gYFsLG8kTwyKxaRtN8u4JONJM7urSmsCLqZb_T62nvanMTML55duJIPmha3i1BtnEQSfYkV76xcfPPcsdEil3sisFO7WJOGAVBq1kvHtMBZWW3hoBpA0qYWuWp_c_rHI7bopHKd4dhZJW40-PFYlAA%26cry%3D1%26dbm_d%3DAKAmf-DjCTYiK5qqZimdWYIV-ev23Rr7EIJVpwjSk4E2haW5x-8BPqSsIZ8Ehaa44QTpjJAX8xoSoNi9OABHd3zGtceWyOwY_m_-vOetH3dW2TRtjUnPNyFZMCg7RijCmozz7cFNhKvi0j6fV5nkcYTEBwxaZRF_BXk4my6hu7I-OtRAllKSJgm3zdX8nn8pOPRCOTbUVQatI6lwv6nhsg80L2N-F6AhHbd64nnhe4ZuCKsGgp_Qpb6bKjXL8JmQTKLwlVvA-doAbs6YUVxMPWWr3nCkvqYJG5QD3L9TctNrBDusaJZ42ILkTjYL02pFXV5Sm0kyED1F7sMH3WtCLoMYUEnQfTWdsZgxzBB0v-1bez1wWpC3XNvzsEtTI5CPO-TyfdJC75lxwQR4Pjt8dxLdLdYGI77GITiQGrdGJ-gEl32kE5C7mEvvuv1PUywkkcnPBstlkUfL5haLaabZvgf3sOSGg2fWDi7QzSguzIjkIOB4NeAAH_HK8XAJPFt66ng6swwpLZDcK4-jXBcnt6uFalB_qxu3VVnn70BJEDzm4iPOmScxxPE%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a573d518109e45122189dd4da6ccb75a57031fcac6bd1e01eef5254d7c308190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4244
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 07FD 38 KB
13 KB 19ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12505265398156424326/ Frame 7FBA 8 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd7ded60ccb19cdfb4c21ea7a3c8c8a9a85137deaecd8466c93c3d930734d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 60618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2899
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 09:36:43 GMT
expires: Thu, 31 Oct 2024 09:36:43 GMT
last-modified: Fri, 27 Oct 2023 12:06:23 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9798 0
0 60ms
60ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2Zh7SNzWmyFt1JwXn9jhmjWEWyAu_b7Vn96J3weaZruEa2AnYPkNxrvtbTSbDalRcRdvXzNVWx66oju2wcH7tcBggPKZtTWYiOs9SaDiYTv-tAh9msBA6YO_etbrGu-VljWIUW2kfjYxl8CrZRQ-a0U3Zx8XT3WnksgLA3jzXlOQTqa2-UGnPNHcieJSAb-DWToEhsK8_n5-y1xP_bwGnQ2qjsg0Gu7Z2jkyj39ZEBE2vSlKLTNd9CTOlbJUVLumMZs6LW5Os6sNExe4ZmkOtwyrXpP-PLavS2vC7guuNA__ry6AT0JGvkXSPKzic2yK9njGAxowvV7V8K_BsCjf49IeAe3Sx48DqT5pm2eF_a7v7qF7TuVoQ1HjWXtYQtLQMpndAg8R6poQ5pfkxQ05vVUBNHoO9WmtZP5hj7Ak2AqCZPtup9xgayXJPi_CpHxFtNr2QaigLrx4xHuuLbe52xpVc9rXpVqt-NAlBPtJFXNwIzsFP9mWsuxMaew1lYHjTevFzVQOO9MhLFOPOyu0v1rISMLPSGPR8AEChYu9MuaPmKQolncBHmLxn_E2XFprBGMltU2AbNLbdcsntebEJzRndzyqZV1y69kaiGKko7du-Zv7hdJFg1EenTEZqPc_UQg_80jR1skTiFxukUTcL807EqqoRZR3unL-pf64UoFvgnBCwhCpqwFw8CCY86y7kHFXD0nmP1eoBqNH8p0HMPtxoqcabwjkpOfEAf3bIQL6Qk5mjfqUDc_iPNFmJra-wiy0Kvv57mAVJb-qBe2klRupCT-9F7QvNgi1iyGadK17fO6bITIJqSReXDM2lMKINe8N9dN4I2z0y4jxhMBHCF965E7ZvJjrL7ijAHbLIBViPHTSuvMqZ1hhlUb897CCQoE98cCjGRMVIASXOIT4S4fx3xA5EwYW0zhdahbEjPFDO8NWxH4fwWjVTrVkNEhM56t_WENmA700hd2Vkd93J13ovkbSommqrfc85UULW-3yjffrpSCEY5Ah9ExKuGSb8CQHq5j0jHRqy-9bvjSeFn-6j2QDXBR7_GusjgMr8bDRhdFB0JlvL7WRYYCTLRaAsRaaoQQXhsuME0ne6rSiwmXwiH-Zff_mEA-hNaxSgv4ZpdkyU8jqgtGzWU8Q_CpWp-QlmBV2Q_dVjPMQKBolQSAaVNvoUTHJNkz7I8RpIciJxq_xTia-aXLc-5KrDue73H6qdKjYpIgH6gEBmm2f6RVTLYC24M8sNGGMbO2v-RA3OLFn5U20BMqunUKILyqaMAANHITSO_k-ShNS5yvxYoO92ZPLyEiAFqO2bT5qDtCyt60XbCyCKGMGsNOMWyCIbaRTaxN7OE0fmBXlkK8NQwdfOlW7NNp4LySmh7v5dkE7GmrdjnimYsaYF2jvUIj7Ivp3nMMblBueKKxkiAVbIDOUtzFp_pfSry-rPx2iItqPBe7q21QcBz0WhOU_uiCll3ja0q-ssKVxQ&sai=AMfl-YTu0fn3tByoIWGAPGEz65d9wo3IfIN6IkPGjzEt5y-wY06US2Qm3xZErvmbseRkEXxSmlBRlSzsBYydSAgOpPyCmKCnKCncmkJGoUR8oYRB81Q81eZug_xN65DZF09Z5PdPn8tHPd_8sVdnA1gzYRTz3rxSAOp8CkcuFOQ6lG9llQS-cMGqoxQRjfaTar5yU73HZETXu30Y0Z3aq4h4CSh2iDFxyMdgGWJ6iyuRe_xS_s5I5CGDzkUuhcp9U6SasCnf&sig=Cg0ArKJSzAMHZsuTOR-UEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=282&cbvp=1&cstd=280&cisv=r20231031.86648&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 3E2C 12 KB
4 KB 37ms
14ms Script
text/html 138.201.220.30

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004497&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMO0q8whDZZEj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9CURbDcipLE4iEniqUIuBTtG7GLHR5c027cQ6l6u23K7UjeoFD39ufLdKIR3PP4Tkhj36vdUB6F2B4QTVwhdxBvjd6552bccXb_E_tpGHRTLM0mD2F7uqviXzoWy0C4-BiKohucja5vSbjXTGr-QvIVTUtzxZGAMTCL90BxEXGkmrH_1LyDMDeUxNJtvvD-BU16neL9BBoUfMdIM4rBWztPGovQM18omfEn5zDPJ8WM3Yj5vC_Gcb0MRTRW5MWQETpN7HOftctO-QNWWrMj9xYIHba2HLukesYJ5THZHoVQJu0JN1Z2oUv2rh5CGo2P-YgSgmo01Kee6pWpHch0t775N7gmU19SrPdkPIVsXv_uF0UJZafeVnq7etQjHXFzX7ojiNRPApqjaN102k1C05IameDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwio5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_113ZQut44EpQU4GLk3MwHxfd5Ljw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-B_EiYhM2ozoqVdDXqlnB-mC47B3zqLXspUhw-dCksMF_eyDgCsT4caFYq1ge_1nlSe_Ifv1D4oBVeOocmYvtm_HrMjcHSBtyLbx6oR4uXKBT5rFh-C3sHcMK1IosQN0vQFIGK20fXjtmLfnadDNlfcYfaxeDyqT8WH3kdw6q7kgnRz9NU%26cry%3D1%26dbm_d%3DAKAmf-A5EBTm17yjh1B-A_FyRoZERPkXa5towt7_kwrTG50CxV7UwGVIOIJmknIFg4MDudyZpQtHx4B4FiB6yG4izxZ4nyT7REziy8MEqkzI_6hc7sqqUNCgD_2k_0fjE6FZUL_FePZtmJe7FHs_yV3O-RIaBbf49wzWNlrLGIrhJc63ydjpbI7iPP-tLhILTLnwrIckDTDRXEsX2HZdZSZow5ruXgF0AY3tRAgjmEmP1RBJIoL7vxo4oSqkc56AKvrzmPef2Y_cB9LcVEoha1JXGro57SKQAjaxR1dG4jmkjswRso6FOUCWMcUGqOY18BZY9vMoVZR5FarGDq3IzjlF2PJj-uJtO4C9bFrOlQKreWQaF50hPZMxkn6z-KJmPoCdypdiL-hs_mB3B92kmvV3mVXBgrz3TytY6SL_fQ1QgzU6X8Als4dEPvCo54bPcskJuA06LGxNH7jmKSqoKjk476vDl0CHai01DJ0RX9ymuhRGyJKAuNDX8ES8zFe1meiRYdObpFatoFNNbomI8iLgN_cU79l5ZbnrHb-AqnpuAciQElo8mDw%26adurl%3D
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: bb3ed7dc0789a7b8f6695271cfc0071855f61de1a4ffa954f39f29012a56c79d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4244
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame DB6A
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

114ms
91ms

Script
application/x-javascript

138.201.64.38

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 0765771a3572d1beada5a5a859c8ad592a7ef1b315d2c547ad6b429cd213ab33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 83177400007497004444554012496011
Connection: close
Content-Length: 1310
Expires: Thu, 02 Nov 2023 02:27:01 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 02 Nov 2023 02:27:01 +0100

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame 397E
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

91ms
68ms

Script
application/x-javascript

144.76.91.199

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4638713689724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.91.199 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: cf4a5cb86acb94a1bb3ea40b7daae93301db978dc0817a6e0b93659307787159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25986900007521004444554012496018
Connection: close
Content-Length: 1333
Expires: Thu, 02 Nov 2023 02:27:01 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4638713689724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 02 Nov 2023 02:27:01 +0100

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame D5FB
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

91ms
69ms

Script
application/x-javascript

138.201.63.165

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=2385213427018&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2dd68096493f4b5850542586ea563d0de9210ec72618647818dbeaf79c7876ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 44719300006706404444554012496005
Connection: close
Content-Length: 1337
Expires: Thu, 02 Nov 2023 02:27:01 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=2385213427018&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 02 Nov 2023 02:27:01 +0100

GET
H/1.1

200
OK

request.php Show response
hal900026.redintelligence.net/ Frame E02D
Redirect Chain

https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

94ms
71ms

Script
application/x-javascript

138.201.84.244

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4493068261301&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 255d84ce41693224c7f3140a5b5a71396320ddcc29dee669e15d3c1b2793f79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52953800010890504444554012496026
Connection: close
Content-Length: 1338
Expires: Thu, 02 Nov 2023 02:27:01 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4493068261301&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 02 Nov 2023 02:27:01 +0100

GET
H/1.1

200
OK

request.php Show response
hal900013.redintelligence.net/ Frame 0A60
Redirect Chain

https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

107ms
84ms

Script
application/x-javascript

116.202.48.214

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 116.202.48.214 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: f2a2726d830a605d609744b87d6c6e29c2eb79349b7b11e27f8c0a5da3e61913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 21719500007608904444554012496013
Connection: close
Content-Length: 1314
Expires: Thu, 02 Nov 2023 02:27:01 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 02 Nov 2023 02:27:01 +0100

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEB5
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENTf6AMyQV9p6ltXMvUUAJE&google_cver=1&google_push=AXcoOmR8jggnrADaB5-s_15AJXlp0v5pJwy_N9sqdBZB7qcWfBoOU24jLe...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmR8jggnrADaB5-s_15AJXlp0v5pJwy_N9sqdBZB7qcWfBoOU24jLeosA9bCr9MhNQn3iryC-vX4sbSGGuTCN5P26u5I7aY&google_hm=vxTo_LJ5Fm27q...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmR8jggnrADaB5-s_15AJXlp0v5pJwy_N9sqdBZB7qcWfBoOU24jLeosA9bCr9MhNQn3iryC-vX4sbSGGuTCN5P26u5I7aY&google_hm=vxTo_LJ5Fm27qFzbP9j8VQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmR8jggnrADaB5-s_15AJXlp0v5pJwy_N9sqdBZB7qcWfBoOU24jLeosA9bCr9MhNQn3iryC-vX4sbSGGuTCN5P26u5I7aY&google_hm=vxTo_LJ5Fm27qFzbP9j8VQ
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame FEB5 43 B
397 B 172ms
168ms Image
image/gif 2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmTL7DdnP0EGROpEBiBvuZ0VU1tVb9CoDnE7jEPOB68AQYv3sFRKU76u48z1ptbyuq_XOCQyKeEO8tw6ky4AK6v5iBizyzMB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTL7DdnP0EGROpEBiBvuZ0VU1tVb9CoDnE7jEPOB68AQYv3sFRKU76u48z1ptbyuq_XOCQyKeEO8tw6ky4AK6v5iBizyzMB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f8ef9ec891903d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEB5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMS5W62RGNRBx-qhyhapoeI&google_cver=1&google_push=AXcoOmQbJdHyKkSMWTWD9bLag2LLLe0CDw0Juv9LWlNbACJ9YXYw9kgJrJ56lUzih5y4I9cRRGV_dMSVw_JXrrLkSiZXDd1shcXR
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmQbJdHyKkSMWTWD9bLag2LLLe0CDw0Juv9LWlNbACJ9YXYw9kgJrJ56lUzih5y4I9cRRGV_dMSVw_JXrrL...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmQbJdHyKkSMWTWD9bLag2LLLe0CDw0Juv9LWlNbACJ9YXYw9kgJrJ56lUzih5y4I9cRRGV_dMSVw_JXrrLkSiZXDd1shcXR

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6AD8E9AF559D4DF99411ED3502FA1E63&google_push=AXcoOmQbJdHyKkSMWTWD9bLag2LLLe0CDw0Juv9LWlNbACJ9YXYw9kgJrJ56lUzih5y4I9cRRGV_dMSVw_JXrrLkSiZXDd1shcXR
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 01 Nov 2023 02:27:01 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FEB5 70 B
148 B 54ms
50ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENmsdv_VFLHf3Qt7lNbH3TI&google_cver=1&google_push=AXcoOmSgWS29Taek5irs-EuKQizEuJcnrZ3yU28aEyPoKohBRsOccL7EtuzrO8wfEpiNs1FrR0ORN4xXwuWluYm_AkJUPK9sOiNg
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEB5
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQm-3uxBN2v4o64RScyEuiBg75UEDbUdgFST1okDNCIIqLXk_Z-2oWtWRPuIDU3a0U87y4GOQKY6BmIlyNA...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQm-3uxBN2v4o64RScyEuiBg75UEDbUdgFST1okDNCIIqLXk_Z-2oWtWRPuIDU3a0U87y4GOQKY6BmIlyNAJT_6iA12zm7D

170 B
188 B

29ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQm-3uxBN2v4o64RScyEuiBg75UEDbUdgFST1okDNCIIqLXk_Z-2oWtWRPuIDU3a0U87y4GOQKY6BmIlyNAJT_6iA12zm7D

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQm-3uxBN2v4o64RScyEuiBg75UEDbUdgFST1okDNCIIqLXk_Z-2oWtWRPuIDU3a0U87y4GOQKY6BmIlyNAJT_6iA12zm7D
x-host: tde-deliveryengine-production-5597b7478c-xf86k
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEB5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPOB_M908T5l_JAolZnhnn4&google_cver=1&google_push=AXcoOmQDzzauJ_N5TFY9iqFUOLRgGKQJggvrWqlqYPSMPCemYVHBvNngLD08Ia9gz3PhG9QntC11pjkDfMRwnWhZiacmEG2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQDzzauJ_N5TFY9iqFUOLRgGKQJggvrWqlqYPSMPCemYVHBvNngLD08Ia9gz3PhG9QntC11pjkDfMRwnWhZiacmEG2x8_df&google_hm=eS1ycEJQX2h0RTJwR3psMH...

170 B
188 B

29ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQDzzauJ_N5TFY9iqFUOLRgGKQJggvrWqlqYPSMPCemYVHBvNngLD08Ia9gz3PhG9QntC11pjkDfMRwnWhZiacmEG2x8_df&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQDzzauJ_N5TFY9iqFUOLRgGKQJggvrWqlqYPSMPCemYVHBvNngLD08Ia9gz3PhG9QntC11pjkDfMRwnWhZiacmEG2x8_df&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEB5
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmR982JGQy-U1...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmR982JGQy-U1tQtiqgW7I-lLGwJ60...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmR982JGQy-U1tQtiqgW7I-lLGwJ601DOCKxf4dQc6-MVCeL21qBFwkq4x1Jo69vRMpreM8dscTOkK6YyXeGkBpXAT5ZzyKVvA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
an-x-request-uuid: ec44c1fa-57d5-4145-8b4f-86861950cc40
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmR982JGQy-U1tQtiqgW7I-lLGwJ601DOCKxf4dQc6-MVCeL21qBFwkq4x1Jo69vRMpreM8dscTOkK6YyXeGkBpXAT5ZzyKVvA
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FEB5 0
12 B 26ms
23ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpQZ7ggdZRpQCSr2kHQR-yDde5rYY6iXpVn08Ylw8M3RvPHT37jLpZiIVTVgxwRwk0k89org

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1948 47 KB
47 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:21 GMT
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:21 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1948 46 KB
46 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:04 GMT
x-content-type-options: nosniff
age: 417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1948 8 KB
6 KB 39ms
38ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d02a80812635703d7e1c8ab390aecafa1b3c994b2044dd637a52c1d248f74e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5844
x-xss-protection: 0

GET
H3 200 60005582_20231030075136336_ASSET_SAM_Galaxy_S23_Buds2Pro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1948 39 KB
39 KB 19ms
19ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231030075136336_ASSET_SAM_Galaxy_S23_Buds2Pro.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca865cb6e3f6bbe50d090b3c58ea17228113ad6ab969f76a193bcedfc88963a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:34:28 GMT
x-content-type-options: nosniff
age: 46353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39562
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 14:51:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:34:28 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1948 28 KB
28 KB 21ms
21ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:14:07 GMT
x-content-type-options: nosniff
age: 11574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 23:14:07 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 1948 43 B
608 B 69ms
16ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893502_145340772_PO0401A20231031&ref=30943227_4307561_379893502_145340772_PO0401A20231031
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 1052985
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Mon, 16 Oct 2023 12:55:26 GMT
Server: cloudflare
etag: "2b-607d4eb83ab80"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 36076712
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9f3ee590fe-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FDB4 47 KB
47 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:21 GMT
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:21 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FDB4 46 KB
46 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:04 GMT
x-content-type-options: nosniff
age: 417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:04 GMT

GET
H3 200 60005582_20231030075136336_ASSET_SAM_Galaxy_S23_Buds2Pro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FDB4 39 KB
39 KB 27ms
25ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231030075136336_ASSET_SAM_Galaxy_S23_Buds2Pro.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca865cb6e3f6bbe50d090b3c58ea17228113ad6ab969f76a193bcedfc88963a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:34:28 GMT
x-content-type-options: nosniff
age: 46353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39562
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 14:51:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:34:28 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FDB4 28 KB
28 KB 30ms
28ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:14:07 GMT
x-content-type-options: nosniff
age: 11574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 23:14:07 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame FDB4 43 B
609 B 65ms
16ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893502_145340772_PO0401A20231031&ref=30943227_4307561_379893502_145340772_PO0401A20231031
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 16883130
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 22 Mar 2023 08:05:14 GMT
Server: cloudflare
etag: "2b-5f7789eafa280"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 40418697
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9f3eca6910-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FDB4 8 KB
6 KB 37ms
36ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66933e29741fa102aa003cab07f97c245a777b7229bceda50adefd9092452479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2510 7 KB
6 KB 40ms
37ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13204ba3da1e1c19ed7b897eeac7632c87005300ead1006e4458f078f2c3d397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5779
x-xss-protection: 0

GET
H3 200 60005582_20230915074140361_300x250_LOOK_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2510 22 KB
22 KB 23ms
20ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915074140361_300x250_LOOK_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d478cdffc1abe3d19cf652ab20ff7df09a160ce28954967efa30e6155ec79ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 17:48:13 GMT
x-content-type-options: nosniff
age: 31128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22616
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:41:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 17:48:13 GMT

GET
H3 200 60005582_20230915064936629_300x250_LOOK_02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2510 22 KB
22 KB 21ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915064936629_300x250_LOOK_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc4e96cc53dd030d1f6ef3473fd792648af9f4181144e396b6667f7e167f95e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:59:20 GMT
x-content-type-options: nosniff
age: 41261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22831
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:49:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 14:59:20 GMT

GET
H3 200 60005582_20230919054003314_300x250_LOOK_03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2510 21 KB
21 KB 21ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230919054003314_300x250_LOOK_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8a16d07d989ea88c02455ea336e811ef4e7895a61eb225063932842cb0bc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=h2XlsbzrB6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:56:21 GMT
x-content-type-options: nosniff
age: 45040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21374
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:40:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:56:21 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 2510 43 B
609 B 55ms
17ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893502_145340772_PO2801A20230922&ref=30943227_4307561_379893502_145340772_PO2801A20230922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-1-0
CF-Cache-Status: HIT
age: 17477384
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 22 Mar 2023 08:05:14 GMT
Server: cloudflare
etag: "2b-5f7789eafa280"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 45356224
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9f3d961cbf-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FEFC 47 KB
47 KB 19ms
14ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:21 GMT
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:21 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FEFC 46 KB
46 KB 21ms
16ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:04 GMT
x-content-type-options: nosniff
age: 417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FEFC 8 KB
6 KB 44ms
38ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a0f044b200549f61b2790fd3e647429dd16b13a0484eb7de82f3b71b2f49d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5872
x-xss-protection: 0

GET
H3 200 60005582_20231018074030442_APP_iPhone-15_Watch-S9.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FEFC 40 KB
40 KB 24ms
19ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074030442_APP_iPhone-15_Watch-S9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:31:57 GMT
x-content-type-options: nosniff
age: 60904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40901
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:40:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 09:31:57 GMT

GET
H3 200 60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FEFC 61 KB
61 KB 23ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 17:26:52 GMT
x-content-type-options: nosniff
age: 32409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62713
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 17:26:52 GMT

GET
H3 200 60005582_20231018074052816_300x600_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FEFC 49 KB
49 KB 27ms
22ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074052816_300x600_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beee360d5d4757615a1311f877c3eaa128770c4687aa5455e960ad3dc2cc56c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:16:25 GMT
x-content-type-options: nosniff
age: 47436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50100
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:40:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:16:25 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame FEFC 43 B
609 B 42ms
14ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379662872_145353403_PO1804A20231020&ref=30943227_4307561_379662872_145353403_PO1804A20231020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 21362498
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 15 Feb 2023 15:39:24 GMT
Server: cloudflare
etag: "2b-5f4bee2778300"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 72628866
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9f3e51904c-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7FBA 236 KB
63 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7FBA 2 KB
996 B 67ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 01:36:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 avoury-970x250.js Show response
s0.2mdn.net/sadbundle/12505265398156424326/ Frame 7FBA 80 KB
10 KB 25ms
19ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12505265398156424326/avoury-970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b103899bf4c7fa95c4f3f74d74eebe8c244753eefe7e1a1c309e0deffd21f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9831
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 12:06:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:36:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A947 7 KB
6 KB 43ms
39ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41fc6c30fdbd9782bc0333aa22e268db8927eb2e40f2b5060552b47026824a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5777
x-xss-protection: 0

GET
H3 200 60005582_20230915074512859_728x090_LOOK_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A947 21 KB
21 KB 21ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915074512859_728x090_LOOK_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79dd53057726b936a1a09830544378d4cb92c4af2832e0ada32e7af918a62ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:12:48 GMT
x-content-type-options: nosniff
age: 26053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21627
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:45:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 19:12:48 GMT

GET
H3 200 60005582_20230915065039736_728x090_LOOK_02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A947 22 KB
22 KB 23ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915065039736_728x090_LOOK_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c6f2f0602a218e0c6d67f9212c4c73094d8cc03e0883f25259bbb821c926745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:32:18 GMT
x-content-type-options: nosniff
age: 42883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22076
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:50:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 14:32:18 GMT

GET
H3 200 60005582_20230919053955990_728x090_LOOK_03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame A947 20 KB
20 KB 21ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230919053955990_728x090_LOOK_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f61bca281d4dc1ac70c21fb71708e39da7947085ef38868e92e7b37ab0f3db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=ukpoYwF8iJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:56:53 GMT
x-content-type-options: nosniff
age: 45008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20913
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:39:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:56:53 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame A947 43 B
610 B 39ms
17ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893499_145341330_PO2803A20230922&ref=30943227_4307561_379893499_145341330_PO2803A20230922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 14102773
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 273086407
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9f3dba2bd5-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3952 47 KB
47 KB 21ms
16ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:21 GMT
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:21 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3952 46 KB
46 KB 23ms
18ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:04 GMT
x-content-type-options: nosniff
age: 417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:04 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3952 28 KB
28 KB 25ms
20ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:14:07 GMT
x-content-type-options: nosniff
age: 11574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 23:14:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3952 8 KB
6 KB 43ms
38ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa59a1b346ab47588e340d74925d35e743b77012db8527d59072b336f10b4e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5905
x-xss-protection: 0

GET
H3 200 60005582_20230824063904642_50Prozent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3952 1 KB
1 KB 25ms
20ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230824063904642_50Prozent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253907f2b612b3496b25305cddb8eb331bf64c23148785f003fd12f71400a1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:06:29 GMT
x-content-type-options: nosniff
age: 40832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1387
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 13:39:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 15:06:29 GMT

GET
H3 200 60005582_20230824063803709_300x250_V01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3952 28 KB
28 KB 25ms
20ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230824063803709_300x250_V01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99546b2ae4c313c1a29d61cf23e0b46c1a41b47eb4ccb62d136ffe2e4493de34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 17:49:07 GMT
x-content-type-options: nosniff
age: 31074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28842
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 13:38:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 17:49:07 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 3952 43 B
610 B 38ms
15ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893502_145340772_PO0801A20230913&ref=30943227_4307561_379893502_145340772_PO0801A20230913
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 14102773
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 273086407
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9f3c112bbe-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C2AA 8 KB
6 KB 52ms
49ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38978bfaa7ced302fe1de9c5df94bbf14fb5e87545602a1a0a42ec9d3d391b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5988
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5410 0
0 56ms
55ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsso1NKU6ju_JUpG0OX4Z2OGE2EHNwrflEzGy0dYP6iGKwk1IhxlN5WcC_mF8lOp8u9FQS9F5OtpFeI0clrEsiHrkuUhSIS_DK78qg1HL7AdwYA25yYwKbICvPp53f2GY_MHQD-Ogo3Z2paMQehy8wbZqhbkVjrlxmZqW_YdPwJrhmyGX9a9prhd0nAZ4e-xjPZwAe29sKimyO0VjfrRUAKF0VSriAmIuCD8PLFHOr0vtb0kxa1xN_uLxglkL-GCV6QI3igmjVfWUvNgfYd7YsNhUnFtq7X9h5fJwCc3_5w3Q2HtIbJ882B7uvTNl7WGcbOts6uyePJ4CnWmgA_0toyhtnJRvQo8PPk9V4BsZUFO2IvL_xQD_ZyRtMzbU9R1Xwsu7CNCnJogG2Qn-Tb83bPU3Pt8Vlm4TfSd_Xv4d3F_S6DuwelLeOiBC-R_gj1pDnMHuDHL8FcSsjFkkJTo6-TZBYJ4ffN2dcZvJMY5LACBBdSkRMgi9v4Uj7_rEwlo2WoMC1OIXSV1c2TPBxdH-tt9eDFbRcaS97L9b9AXp7CEgy8u5ARukFdvAoVtoAOvk22p0WbVPPrjQeu_IeA8eM2fP0oy5txCkfk1GTUBcTzbWeykUEwh0IvkojqJQGCJHarPF0QIAL4y55Ij3Rmuz9LGhT-yuq7IHVG85c_sOD5ONlekr3ed4U2JSfM__OUzWRpl4gliSHfKgOvbWXM4RY9ncbh_NIFRbNUmF99kMVSNn-hnUMok6TN3dFX5jzk6la2i_5fm8DyK7ZxxgJ_Kk9nLWPNy8UGedOJUCf5UTFoLmm3SCv_vd0BQy-obqzhyj1cvkdafC-QVwAkGBY_U4vrvCYQOucRTImMRDy9VxXdiWeVk6-FlNuZXMzW8KS3fz_w0SLbZ-ZJoWyaIWzns0Sfwq1nVEpN34SjwzwAVrcDWW5PXV76OVZFZyMcxdTFSp0sqHirW3KTvKXBIWnkM7ygi9FRYaRiVSFeC_7EbBzOC6wWmrsnwJuIS3OFi9Tn8LQkX3lCfYPZn5RhknGvG7sqikM2JdFCjegRrk4kOMmrBNhjCPADnLep6Ry8d8OcBqU7TCjUralcFVqZ83wICOnoQqhrxn8rfIviLEAM6zw1qLtVEhABTaGgnbL4q6pWonbEaqIoa73IH_-LhWCdvhfxhtQFLnZxOI6C0uBz5wuoICb8EqmWFZBR7jvlggoYrsiS1Wcs0LMMRZVrvPIGbxT7gE9Bs6-pAImnLyudQMDdhyiuNrKa1hYIeFrzZowY7RjBpx9IulcboO00UO9bPUFfxs6wajQ-JVNE8HP8RQkENzI-UtUS5VSjQOsNM1p45XvDcomQQssNP4kGPBJuaUn4N8Ve6An0jbhbD_p61nmmOAa_zM1FjKB9dcBuXk2-ldqCwuqnn4YDBNASF_smxRSCedwLMvRPEgAl1hSbI3y7DxZxoALidHNl5E31CuU8Rt3N5LHwEOzAWXPbUMp9llndy6j5qeQRVzNYSr8LEhYVJFnIb7IhwkqzKoUeB&sai=AMfl-YQhXp9ZXywLTd-bQCRX0rBE5biUEZULE72uz-qMxnt6zRDk8pXidCzrrlkUj0rFVabEIDCo_SpMDqO66d553IJpjGPSMPV38h8Q27Hd1j-Esy1bZhv7SBvhzWlIroFC09iDeWGRTDJCNa-igzBwNs-WqhQsCw7TRLcfPl-o_PWq7o33JsnBtMBhrcjfemKhTfMSBVr7RxfA1Kef3VgiRemlOZGsqWnkCDVfUE34FFShitMkmqqPaui5dBJW9N5juS87iUHwt5kfwRYX1JPpsL_qXg-xLMRerLrLMfDidq_8RkRWBgtKzy5ziv5-7F-SM0awrQGFQNm-qCPK-EMygCemMaf8NFEa9-tE3XkIMmMPGAtpBgdSumrw6WDUaBbpV5TvZaQjTa_YWML03xn9OIt8D9ehB6M8f44rg3ifGDQQO6gXeA&sig=Cg0ArKJSzPAkcYKcOK5PEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1500&vt=11&dtpt=1033&dett=3&cstd=458&cisv=r20231031.62662&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A38C 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame E6EF 47 KB
47 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:21 GMT
x-content-type-options: nosniff
age: 400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:21 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame E6EF 46 KB
46 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:04 GMT
x-content-type-options: nosniff
age: 417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:04 GMT

GET
H3 200 60005582_20231018074030442_APP_iPhone-15_Watch-S9.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E6EF 40 KB
40 KB 17ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074030442_APP_iPhone-15_Watch-S9.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:31:57 GMT
x-content-type-options: nosniff
age: 60904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40901
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:40:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 09:31:57 GMT

GET
H3 200 60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E6EF 61 KB
61 KB 18ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 17:26:52 GMT
x-content-type-options: nosniff
age: 32409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62713
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 17:26:52 GMT

GET
H3 200 60005582_20231018074052816_300x600_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E6EF 49 KB
49 KB 19ms
19ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231018074052816_300x600_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beee360d5d4757615a1311f877c3eaa128770c4687aa5455e960ad3dc2cc56c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:16:25 GMT
x-content-type-options: nosniff
age: 47436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50100
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 14:40:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:16:25 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame E6EF 43 B
610 B 22ms
21ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379662872_145353403_PO1804A20231020&ref=30943227_4307561_379662872_145353403_PO1804A20231020
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 14102773
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 273086407
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8ef9fec4b2bbe-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E6EF 8 KB
6 KB 43ms
43ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

371aef7e4ae0e93352d9d3f1eaea36e53a90307b0ccbf5a7b1bbf90aedebb98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5900
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E242 38 KB
13 KB 20ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C7A9 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 497595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 08:13:46 GMT
expires: Sat, 26 Oct 2024 08:13:46 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B63 1 KB
644 B 13ms
13ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6150 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f20df7f2b44c6077f9ca789f2852ab1e5ccb47e6a575ac3cd00079bd71b24f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1948 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 60005582_20230915074512859_728x090_LOOK_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C2AA 21 KB
21 KB 16ms
14ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915074512859_728x090_LOOK_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79dd53057726b936a1a09830544378d4cb92c4af2832e0ada32e7af918a62ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:12:48 GMT
x-content-type-options: nosniff
age: 26053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21627
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 14:45:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 19:12:48 GMT

GET
H3 200 60005582_20230915065039736_728x090_LOOK_02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C2AA 22 KB
22 KB 18ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915065039736_728x090_LOOK_02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c6f2f0602a218e0c6d67f9212c4c73094d8cc03e0883f25259bbb821c926745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:32:18 GMT
x-content-type-options: nosniff
age: 42883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22076
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:50:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 14:32:18 GMT

GET
H3 200 60005582_20230919053955990_728x090_LOOK_03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C2AA 20 KB
20 KB 20ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230919053955990_728x090_LOOK_03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f61bca281d4dc1ac70c21fb71708e39da7947085ef38868e92e7b37ab0f3db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 13:56:53 GMT
x-content-type-options: nosniff
age: 45008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20913
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:39:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 13:56:53 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame C2AA 43 B
610 B 16ms
15ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893499_145341330_PO2803A20230922&ref=30943227_4307561_379893499_145341330_PO2803A20230922
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=EmSRLxB8vm&t=1&renderingType=2&ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:01 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 14102773
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 273086407
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8efa0bcae2bbe-FRA
Expires: Fri, 01 Nov 2024 02:27:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FDB4 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2510 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H/1.1 200
OK request.php Show response
hal90006.redintelligence.net/ Frame 3A20 4 KB
2 KB 119ms
71ms Script
application/x-javascript 138.201.63.164

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b2923f585e&subid=&uid=998786f3a265c4c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7kW08whDZZAj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9BPBgp-7uDbIrdekC63Kid1_YJMIWU7zjw6xFoWhQF5hOxQJOzgeUjPSCiOeCI80cj6KdxcYHCJsECfsa4EyzfzspPV2ESe4JYvafLZYSrkYRCDJJlEEPgJ1vAcAINJ1wL8SEKuZEcpCNpLCCAB5nBcV7Q7gfgcFJ50pU1pJR6MH3syPEwkoshASaSneZXzRPs1E6ad-x6q3PHDFO0pfx-3BD30vVWekS3pgIYP2n2qVbnVtxmAEy8Wh7q0_AUYBUpU51Ly7ozhA5QMUqU0w0TVMZMcjB06V4_s79jYW-RF7wCzry3EeIMctfyb5ABSjrUX292nAigiQy4o-VFMHBvZQTXKF7kXNua7uXCaKolYdPoJ0ha4kp9rBO8zQuCvBDW2bTx8xUxdjE03YH4visxFUurABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwin5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_3TzLOF8xs8cBUrwFJfI0A2k5XK2w%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BbLogJ_waemr2NuPkNanKYHqgV9gYFsLG8kTwyKxaRtN8u4JONJM7urSmsCLqZb_T62nvanMTML55duJIPmha3i1BtnEQSfYkV76xcfPPcsdEil3sisFO7WJOGAVBq1kvHtMBZWW3hoBpA0qYWuWp_c_rHI7bopHKd4dhZJW40-PFYlAA%26cry%3D1%26dbm_d%3DAKAmf-DjCTYiK5qqZimdWYIV-ev23Rr7EIJVpwjSk4E2haW5x-8BPqSsIZ8Ehaa44QTpjJAX8xoSoNi9OABHd3zGtceWyOwY_m_-vOetH3dW2TRtjUnPNyFZMCg7RijCmozz7cFNhKvi0j6fV5nkcYTEBwxaZRF_BXk4my6hu7I-OtRAllKSJgm3zdX8nn8pOPRCOTbUVQatI6lwv6nhsg80L2N-F6AhHbd64nnhe4ZuCKsGgp_Qpb6bKjXL8JmQTKLwlVvA-doAbs6YUVxMPWWr3nCkvqYJG5QD3L9TctNrBDusaJZ42ILkTjYL02pFXV5Sm0kyED1F7sMH3WtCLoMYUEnQfTWdsZgxzBB0v-1bez1wWpC3XNvzsEtTI5CPO-TyfdJC75lxwQR4Pjt8dxLdLdYGI77GITiQGrdGJ-gEl32kE5C7mEvvuv1PUywkkcnPBstlkUfL5haLaabZvgf3sOSGg2fWDi7QzSguzIjkIOB4NeAAH_HK8XAJPFt66ng6swwpLZDcK4-jXBcnt6uFalB_qxu3VVnn70BJEDzm4iPOmScxxPE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=325655850874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004496&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7kW08whDZZAj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9BPBgp-7uDbIrdekC63Kid1_YJMIWU7zjw6xFoWhQF5hOxQJOzgeUjPSCiOeCI80cj6KdxcYHCJsECfsa4EyzfzspPV2ESe4JYvafLZYSrkYRCDJJlEEPgJ1vAcAINJ1wL8SEKuZEcpCNpLCCAB5nBcV7Q7gfgcFJ50pU1pJR6MH3syPEwkoshASaSneZXzRPs1E6ad-x6q3PHDFO0pfx-3BD30vVWekS3pgIYP2n2qVbnVtxmAEy8Wh7q0_AUYBUpU51Ly7ozhA5QMUqU0w0TVMZMcjB06V4_s79jYW-RF7wCzry3EeIMctfyb5ABSjrUX292nAigiQy4o-VFMHBvZQTXKF7kXNua7uXCaKolYdPoJ0ha4kp9rBO8zQuCvBDW2bTx8xUxdjE03YH4visxFUurABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwin5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_3TzLOF8xs8cBUrwFJfI0A2k5XK2w%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BbLogJ_waemr2NuPkNanKYHqgV9gYFsLG8kTwyKxaRtN8u4JONJM7urSmsCLqZb_T62nvanMTML55duJIPmha3i1BtnEQSfYkV76xcfPPcsdEil3sisFO7WJOGAVBq1kvHtMBZWW3hoBpA0qYWuWp_c_rHI7bopHKd4dhZJW40-PFYlAA%26cry%3D1%26dbm_d%3DAKAmf-DjCTYiK5qqZimdWYIV-ev23Rr7EIJVpwjSk4E2haW5x-8BPqSsIZ8Ehaa44QTpjJAX8xoSoNi9OABHd3zGtceWyOwY_m_-vOetH3dW2TRtjUnPNyFZMCg7RijCmozz7cFNhKvi0j6fV5nkcYTEBwxaZRF_BXk4my6hu7I-OtRAllKSJgm3zdX8nn8pOPRCOTbUVQatI6lwv6nhsg80L2N-F6AhHbd64nnhe4ZuCKsGgp_Qpb6bKjXL8JmQTKLwlVvA-doAbs6YUVxMPWWr3nCkvqYJG5QD3L9TctNrBDusaJZ42ILkTjYL02pFXV5Sm0kyED1F7sMH3WtCLoMYUEnQfTWdsZgxzBB0v-1bez1wWpC3XNvzsEtTI5CPO-TyfdJC75lxwQR4Pjt8dxLdLdYGI77GITiQGrdGJ-gEl32kE5C7mEvvuv1PUywkkcnPBstlkUfL5haLaabZvgf3sOSGg2fWDi7QzSguzIjkIOB4NeAAH_HK8XAJPFt66ng6swwpLZDcK4-jXBcnt6uFalB_qxu3VVnn70BJEDzm4iPOmScxxPE%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c4093cdf62fb7d6f6e0700ae8d2d90396b1e21a1e6c29d7f31ef0147450725e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 60953600009174304444554012496006
Connection: close
Content-Length: 1308
Expires: Thu, 02 Nov 2023 02:27:01 +0100

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FEFC 17 KB
6 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A947 17 KB
6 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3952 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C2AA 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H/1.1 200
OK request.php Show response
hal900015.redintelligence.net/ Frame 3E2C 3 KB
2 KB 120ms
78ms Script
application/x-javascript 138.201.135.164

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=3a64d983ca&subid=&uid=e657f194b4899b11&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMO0q8whDZZEj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9CURbDcipLE4iEniqUIuBTtG7GLHR5c027cQ6l6u23K7UjeoFD39ufLdKIR3PP4Tkhj36vdUB6F2B4QTVwhdxBvjd6552bccXb_E_tpGHRTLM0mD2F7uqviXzoWy0C4-BiKohucja5vSbjXTGr-QvIVTUtzxZGAMTCL90BxEXGkmrH_1LyDMDeUxNJtvvD-BU16neL9BBoUfMdIM4rBWztPGovQM18omfEn5zDPJ8WM3Yj5vC_Gcb0MRTRW5MWQETpN7HOftctO-QNWWrMj9xYIHba2HLukesYJ5THZHoVQJu0JN1Z2oUv2rh5CGo2P-YgSgmo01Kee6pWpHch0t775N7gmU19SrPdkPIVsXv_uF0UJZafeVnq7etQjHXFzX7ojiNRPApqjaN102k1C05IameDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwio5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_113ZQut44EpQU4GLk3MwHxfd5Ljw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-B_EiYhM2ozoqVdDXqlnB-mC47B3zqLXspUhw-dCksMF_eyDgCsT4caFYq1ge_1nlSe_Ifv1D4oBVeOocmYvtm_HrMjcHSBtyLbx6oR4uXKBT5rFh-C3sHcMK1IosQN0vQFIGK20fXjtmLfnadDNlfcYfaxeDyqT8WH3kdw6q7kgnRz9NU%26cry%3D1%26dbm_d%3DAKAmf-A5EBTm17yjh1B-A_FyRoZERPkXa5towt7_kwrTG50CxV7UwGVIOIJmknIFg4MDudyZpQtHx4B4FiB6yG4izxZ4nyT7REziy8MEqkzI_6hc7sqqUNCgD_2k_0fjE6FZUL_FePZtmJe7FHs_yV3O-RIaBbf49wzWNlrLGIrhJc63ydjpbI7iPP-tLhILTLnwrIckDTDRXEsX2HZdZSZow5ruXgF0AY3tRAgjmEmP1RBJIoL7vxo4oSqkc56AKvrzmPef2Y_cB9LcVEoha1JXGro57SKQAjaxR1dG4jmkjswRso6FOUCWMcUGqOY18BZY9vMoVZR5FarGDq3IzjlF2PJj-uJtO4C9bFrOlQKreWQaF50hPZMxkn6z-KJmPoCdypdiL-hs_mB3B92kmvV3mVXBgrz3TytY6SL_fQ1QgzU6X8Als4dEPvCo54bPcskJuA06LGxNH7jmKSqoKjk476vDl0CHai01DJ0RX9ymuhRGyJKAuNDX8ES8zFe1meiRYdObpFatoFNNbomI8iLgN_cU79l5ZbnrHb-AqnpuAciQElo8mDw%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1367945829500&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1698892019004497&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMO0q8whDZZEj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9CURbDcipLE4iEniqUIuBTtG7GLHR5c027cQ6l6u23K7UjeoFD39ufLdKIR3PP4Tkhj36vdUB6F2B4QTVwhdxBvjd6552bccXb_E_tpGHRTLM0mD2F7uqviXzoWy0C4-BiKohucja5vSbjXTGr-QvIVTUtzxZGAMTCL90BxEXGkmrH_1LyDMDeUxNJtvvD-BU16neL9BBoUfMdIM4rBWztPGovQM18omfEn5zDPJ8WM3Yj5vC_Gcb0MRTRW5MWQETpN7HOftctO-QNWWrMj9xYIHba2HLukesYJ5THZHoVQJu0JN1Z2oUv2rh5CGo2P-YgSgmo01Kee6pWpHch0t775N7gmU19SrPdkPIVsXv_uF0UJZafeVnq7etQjHXFzX7ojiNRPApqjaN102k1C05IameDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwio5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_113ZQut44EpQU4GLk3MwHxfd5Ljw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-B_EiYhM2ozoqVdDXqlnB-mC47B3zqLXspUhw-dCksMF_eyDgCsT4caFYq1ge_1nlSe_Ifv1D4oBVeOocmYvtm_HrMjcHSBtyLbx6oR4uXKBT5rFh-C3sHcMK1IosQN0vQFIGK20fXjtmLfnadDNlfcYfaxeDyqT8WH3kdw6q7kgnRz9NU%26cry%3D1%26dbm_d%3DAKAmf-A5EBTm17yjh1B-A_FyRoZERPkXa5towt7_kwrTG50CxV7UwGVIOIJmknIFg4MDudyZpQtHx4B4FiB6yG4izxZ4nyT7REziy8MEqkzI_6hc7sqqUNCgD_2k_0fjE6FZUL_FePZtmJe7FHs_yV3O-RIaBbf49wzWNlrLGIrhJc63ydjpbI7iPP-tLhILTLnwrIckDTDRXEsX2HZdZSZow5ruXgF0AY3tRAgjmEmP1RBJIoL7vxo4oSqkc56AKvrzmPef2Y_cB9LcVEoha1JXGro57SKQAjaxR1dG4jmkjswRso6FOUCWMcUGqOY18BZY9vMoVZR5FarGDq3IzjlF2PJj-uJtO4C9bFrOlQKreWQaF50hPZMxkn6z-KJmPoCdypdiL-hs_mB3B92kmvV3mVXBgrz3TytY6SL_fQ1QgzU6X8Als4dEPvCo54bPcskJuA06LGxNH7jmKSqoKjk476vDl0CHai01DJ0RX9ymuhRGyJKAuNDX8ES8zFe1meiRYdObpFatoFNNbomI8iLgN_cU79l5ZbnrHb-AqnpuAciQElo8mDw%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 8dba37079590d2048378ef73c3740e8213c844f64221be99337274c21854fcb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 44808800008719904444554012496015
Connection: close
Content-Length: 1136
Expires: Thu, 02 Nov 2023 02:27:02 +0100

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 529A 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E6EF 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:01 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 1948 26 KB
26 KB 14ms
14ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=o5cgwl5oBX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:38 GMT
x-content-type-options: nosniff
age: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:41:38 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FDB4 26 KB
26 KB 14ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=uDZGMOfjBo&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:38 GMT
x-content-type-options: nosniff
age: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:41:38 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6150 0
699 B 15ms
14ms Ping
text/html 185.89.210.101

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fuploads.jovemnerd.com.br&e=wqT_3QKYB-iYAwAAAwDWAAUBCPORjKoGEP_shaet37D6GxgAKjYJfxY1rmHvzD8RSsL_X1gqzD8ZAAAAoEfh9j8hSg0SACkRJNAxAAAAgOtRyD8w2s__Aji1AUC1XkjjA1C6iYq2AVjRxwFgAGjcAXj-9AWAAQGKAQNVU0SSAQEG8E-YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEGpvdmVtbmVyZC5jb20uYnLYAvAG4AJm6gIfaHR0cDovL3VwbG9hZHMuajopAPCkgAMAiAMBkAMAmAMJoAMBqgOPAwqtAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWYzMGYwNjVhLTIwZWMtNDE2Ni05YTBhLTcyMDZjZjE4NTJiMCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zCVhUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGaObQC4cnR5cGU9bnVybCZ0YWdJZD02Mjg1Mjc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfSLAXRxY2VjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjAxNDQ0OTMxNTkxMDYxMjYwNyIJMzgxODQ2NzE0KgRiaW5nOjBVMlZoY21Ob1FXUWpOekkzTnpReE9EWTNNamMwTURnak5EQTBOek0wTURNNU1qVT3AA9gEyAMA2AOlmFbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWwtMz637yH9XbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWg4QP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAf-9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=0c327409db56233cc40db3957a86f0680c3e9dab&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=478&bh=250&sid=8954906611632485873&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6285274&sw=1600&sh=1200&pw=970&ph=250&ww=970&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
an-x-request-uuid: 80dc1de4-a720-47c3-8dd7-006c89a37100
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.139; 178.162.209.139; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FEFC 26 KB
26 KB 14ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=7Kpi8aepwv&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:38 GMT
x-content-type-options: nosniff
age: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:41:38 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 3952 26 KB
26 KB 14ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Swc5M65tDr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:38 GMT
x-content-type-options: nosniff
age: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:41:38 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 699C 0
0 53ms
53ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwybkijAI582mtJxzsqXLFMBxwKHTm8YCfQiTlb6WrhXtOHnxhpyPmDra97FGUbu0qFQ6J_Hy2EDzSeWTpAPmIk9AMvKdb5Br0T4tJVSH_umm0c4Do385Cy9tW689pOhCQGr0iSpAbO1fV6aFqNt5QSljV9bnwNIpgm83Kag6poeqXwLR0_1t4XxkJK-Fc4kFnOLDiiuQfltzn8CwljAKEPqT8S4fjQemxGxTXQ8D2e0CnGilrVK5nCOTF4e1udJF-7YXSLSKcL89woP7I73NJsIx3HBBuj7JgONc2sn2g-08E-Ht9SyddvueLCd0oJ20jsm0_WEEw3IuN21q-js0rc4pUhV5vDdp_SeMywEVs3vb1wGQPcLzi3uPXO1jFgrtpUI1lVZm7IC-yJKYxS0cgJil2M7QcRKI6NvnYYIIPi8NAn14BOLV1CGpSaO-HtECUfMAkinAcWd3hiyIljxJakO5u_5aTsy5_dJ2KScWpS-MJ3Unyn-VHdeP4o2Nn5pm0INu78__7oRsUgLW6vgZ1OSwfFlkrxYO7dLvfeSazzxBmIPSoXjnOd_UrpLkm0DN2jOq63hhydRQZ7ttvfYu81hdvX-xIL0RbbstXzzRQbzteyWLtun5bK0kop8UbZZ3U53YF-2Epc_DsP7nwyJoW4YOkTH9Q8MMeKQRo2vlFN83_YJ41HtpIyJH8A870JHNJww0cV3ajMlvxdnBhybrchbYufp-oN1y8TQaQmM0JBjzja64Ju2lnpNmILgBoEQmv2zMhm6POLHLWQUrROU8mCmDEQxKCl8hoHdHc9-BGicYIi_KW-qB_7PL6qIHetwiSEJZnCOSqXBkO1XBLj39BTqcWIsvvhVF1EBvv7zyY7sLECew09JpEVqKoN24kNviysHOPvyPbdy_w_eiMkJa7WNNkyh7bxxTKJcepN8cbQ4p5H_3cD6gpbu7E_UT5Y8t90T6TIXvP0l4Pw2QjIU6tPQstOx9pv_MZGGmux-DJplLDKcIN5RrwsH4EK_-b8iDT1v2YCqr6S4k4Njec-8S4yGb-bGHF55nsQ0SJq1wz-KzXAFm61XO0LySGAiDSUJwdKXML_i2uw77a1XuEEwJsJKEkqnkRxtKkwq43TZW_k084RD20FemW5nI-s6Itd2CojESqnJY1EGbxx4sbZqmeZcjNYx9leWuKpLivIuTUR1RnODCQzcVAN9oIViCRCawk8JzPshFqsNM9-pgL4mi8xJ-KFTc7O8znUZRk60R2n3_1c_izYwmSPhKZ9jJwPIZ7Rn8LeCOnKZcgE0f9sZamBtOO77VEMx9p1UM36mwjtucXw1kGJuosUQbOozD2i80usRQQWq66adwkpmfNhtpQoic70aileI9NQXgaCyuJqpgEg4wD2BataxeuSWtfubvD95n4tihD3g3FRRxegcFKkfcwlB4xgTqjkbfZ-4IEqyDJLfe4ZRV5c8xV7pnYLnSckBAKimmiBuaAhuMKqEAqrubrGMFl0Stl-LPwvaBuL4uXhQ1WgX6Q&sai=AMfl-YRN9VYjDOJYgNthUtfDointDvITa9eC2TNYf9CWePoE-62F9zTND1E1NEX7-LgKuZV4OXLgC_gArnW4_7BIelng-qx2zuFimjLblKMj62N6hy5C70ENBjuNFKUy0TuwsmcKmEqFMCQ-hk470iywAekYbT1ueGih8B_gMFHtVeXVbgV7VT7vg1RDpyVJXS58-zXd449wGig_MplIib_BmNE2sfRhFZSDkO3wOHhUhpbg76o1W0tGNZNp2MkmaL5ktpuyi8ZOHrQsr5R_OpDl-1IwvcnaeKg4TUEFT9URAdV1S6BivsCClIogwCVLEN9CndSz9q5uuzmucCLfpddjbcnZy3672kT-Q0M-RVtBG7eeH7aeZN8fb1gxqjrIaI0-QSn0eiiOiVs2mL0d6eDnc7UgTOb2d3rb73DrVN-kjY1q9sH9JA&sig=Cg0ArKJSzNHI8sQdsxCNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1910&vt=11&dtpt=741&dett=3&cstd=1163&cisv=r20231031.07431&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame E6EF 26 KB
26 KB 14ms
14ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=diWxUH0XQn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:38 GMT
x-content-type-options: nosniff
age: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:41:38 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 94B0 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame A8A9 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 6765 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame BAA0 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 07FD 38 KB
15 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6150 0
0 58ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQbxK8whDZYkj0YfU8g_surbYA9Lg1-Buj6S2k5MKwI23ARABIABglQKCARdjYS1wdWItNjQ4NDM4OTEwMzQxMTc1MsgBCeACAKgDAcgDAqoEqAJP0HepUfec3BIvZb1x0Kxm6XsjaqcmztAy7T0EaXGZB5RLeQQkWgqCe8h-KLdvE-SEftjLlhNEM_XlcKvo5APYWDDcaX4NjI_rXXjc9Hy_PiuSrPBq-WCJ3v0unmXPo2n06B6VBJ8f1zRFwHd9TfJb4dZEA8lrjC57cjrhpi7gOKii5gu8dIga5ytatEn0yMCS18BxsCegrO0wdYdwM_ZRYBUGoPA9DXSxDa40090vqQYmIO1YPJsvNl4AsV4H0leCecmxtMfS9y4uPLlr_GJf4wpkdljZHbtI0PfgSYAJqpd16V8khtQ_7wI2OrhVrnTU6cHL3TFtXKgqGt_LrLjvX3KH140JOSbNlDETeG3qHqyYHfT5zm5UaD1DmXOEF6gPNtSEVaSvJOAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02NDg0Mzg5MTAzNDExNzUyGLuwcA&sigh=GWbUFRp3bWo&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&cbvp=2&vis=1
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 6150 0
648 B 14ms
14ms Image
text/html 185.89.210.101

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fuploads.jovemnerd.com.br&e=wqT_3QKYB-iYAwAAAwDWAAUBCPORjKoGEP_shaet37D6GxgAKjYJfxY1rmHvzD8RSsL_X1gqzD8ZAAAAoEfh9j8hSg0SACkRJNAxAAAAgOtRyD8w2s__Aji1AUC1XkjjA1C6iYq2AVjRxwFgAGjcAXj-9AWAAQGKAQNVU0SSAQEG8E-YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEGpvdmVtbmVyZC5jb20uYnLYAvAG4AJm6gIfaHR0cDovL3VwbG9hZHMuajopAPCkgAMAiAMBkAMAmAMJoAMBqgOPAwqtAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWYzMGYwNjVhLTIwZWMtNDE2Ni05YTBhLTcyMDZjZjE4NTJiMCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zCVhUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGaObQC4cnR5cGU9bnVybCZ0YWdJZD02Mjg1Mjc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfSLAXRxY2VjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjAxNDQ0OTMxNTkxMDYxMjYwNyIJMzgxODQ2NzE0KgRiaW5nOjBVMlZoY21Ob1FXUWpOekkzTnpReE9EWTNNamMwTURnak5EQTBOek0wTURNNU1qVT3AA9gEyAMA2AOlmFbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWwtMz637yH9XbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWg4QP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAf-9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=0c327409db56233cc40db3957a86f0680c3e9dab&pp=ZUMI8wAAEYkIVQPRAA2dbEZpH6AQzf9lF6TwuA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGdad8whDZYkj0YfU8g_surbYA9Lg1-Buj6S2k5MKwI23ARABIABglQKCARdjYS1wdWItNjQ4NDM4OTEwMzQxMTc1MsgBCeACAKgDAcgDAqoEqwJP0HepUfec3BIvZb1x0Kxm6XsjaqcmztAy7T0EaXGZB5RLeQQkWgqCe8h-KLdvE-SEftjLlhNEM_XlcKvo5APYWDDcaX4NjI_rXXjc9Hy_PiuSrPBq-WCJ3v0unmXPo2n06B6VBJ8f1zRFwHd9TfJb4dZEA8lrjC57cjrhpi7gOKii5gu8dIga5ytatEn0yMCS18BxsCegrO0wdYdwM_ZRYBUGoPA9DXSxDa40090vqQYmIO1YPJsvNl4AsV4H0leCecmxtMfS9y4uPLlr_GJf4wpkdljZHbtI0PfgSYAJqpd16V8khtQ_7wI2OrhVrnTU6cHL3TFtXKgqGt_LrLjvX3LF1ayb-4I3-aXpDNh0RyguGdfzSmd6cOThHyoAqyglGsxE1EbCsA6v8uAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LkkOc6mZM1lIq3p-ui-GDcFM58w%26client%3Dca-pub-6484389103411752%26adurl%3D&cbvp=2

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
an-x-request-uuid: 8dcfaab4-77f4-402a-a9c2-6181faa0e158
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.139; 178.162.209.139; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame 5701
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=

0
628 B

48ms
31ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4638713689724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:8906_91EFC182:01BB_654308F6_18DCE2:1A428

GET
H2 200 /
adv.office-partner.de/ Frame 10DA 930 B
923 B 96ms
11ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4ff00ae45d&subid=&uid=6c16a3a6310f339f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA3A48whDZY0j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbcpWrC5pUGeIOS__w4DU4DliV8cd5HYJ3SbfEBH8gFCPAvwxQltRfWX-X9V9XfdweQ90jE-OSKIZZntowRE4RSkDpuAIia84dpJAkikFHjMsvHZMextIcZEnIovEFXWPzuxcJV6XsARoEZeMpwaXa4H9TZRM64PKOL8S7z8R_KWtRcql58-KhCIxYGvHdnoaN-YzcLkBX3WXlsMlJB56PMAclFCwyTCUeNVCU1feteYDdWVA0FeC528GOEUR1PlrnmPQtchmBwr_3GKiLAvEnVA9JNMCk2NQ5iC14OKsG7ORV1rCBk1WVqug0Ix63nycCxPVlpOMxPZFxsfp2h6ynIxN3eAHWAoDG7DTrC3dvjr6-Ae2m8pEn4ujfLdvBzp0INVJ7euv0PeZilvpu5yRNveDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwik5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1zI-sIgMPO4CD1PjPiBANaPRWtZQ%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-A9F-B7UzhwN7Qip2rGbBBd7NI_KTQQD_7oMQJ_BCIPPi4Q4Z3_27AyYJ2VE5UNP1oRdfP2FIJgNYnCK-zPyY4bfpzmVV7VN-ncZYX4kJWXR_51B4NjqJsgOv-0G8N6zN_IsnasW_s72mI7ZtxCsltUSeaSutCSZeTk4p4TvinmYN7EN7U%26cry%3D1%26dbm_d%3DAKAmf-CFPC43AykpECH9tG_RYlodPxNnD6UZ0uDcqduaY2hyK9cxpfk-pWFjQ0eqDO1aig0MoWEdM8PbKxyvNxk1ACvUD20Upg__zdADy2lXEHkz6v-BcntmhisMxwIf1wjb1NrMFxnIAxzKjVNrtLvxLLYlE73f3Oa2kAXwdGGc8_MpwO3_kfbAYoM0PTLG4YCHlyegKxn-Ji7U-acLo6QA8xigs5106n6T1HqyMJU_MNyXhv-cAuVGR3N3zxYsIkBbOTHp-tkqest-1cx1sCPCvDzPWn-TMgDDdYejrosBTfVraHDc1nDKLywMaZQ0JnN6DKj-wdgr3aVTZmnI4mxV75kOb75Y8tbPBzoiW4K22XXlQVO8bWn0PLnbb70xoMBVY07Q4oeBnQWG6F8ThFe_72ZWJyl6G-jF0bpB0zBt8d-3xi1q9JILzokjf2o7gnYd_YE3KjeC6KWFvE2tt5dJeCqA0ykSIUYq4r97Z-hR448iCKu9_RaHlk7Kdw_q2SVtSNvnAKB-I6xOtxeVXpyEPVso2h3SkXlBpQklHOOvK7RM9nOV5eE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4638713689724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Nov 2023 02:27:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Nov 2023 02:27:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx
pb.media01.eu/ Frame 7A64
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b832&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
201 B

76ms
33ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b832&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b832&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:8904_91EFC182:01BB_654308F6_18F0DA:1A42A

GET

view.aspx
pb.media01.eu/ Frame 397E
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=

0
0

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 397E 43 B
665 B 367ms
44ms Image
image/gif 145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=25986900007521004444554012496018&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:890A_91EFC182:01BB_654308F6_18EFA4:1A429
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H2

200

view.aspx
pb.media01.eu/ Frame 31A8
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=

0
200 B

77ms
34ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4493068261301&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: B2A2D18B:890E_91EFC182:01BB_654308F6_18C787:1E87A

GET
H2 200 /
adv.office-partner.de/ Frame 0215 930 B
922 B 94ms
11ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=bd0b8f06cf&subid=&uid=ec990e37c88a4028&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR5I48whDZY8j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DbjtnzkC9oi0cHcWRPIANmZ00K9pwuUZokr63Ntpq98_cLP-Kwzi7t4MZwasAvvyqCGNVVffzWr-zGMO3P2Iz4liiwstArOPWWudPszc5Uv_5EE8jtHWqIVJ0nIQ0BRM2inc0HWUGbR1yf_BRv32CRgn1vcCLQAUY5UOWVEMSGAQGZQpAk8iQoVBCQQce5xBRVgCOsiClMR8JVbav96GA9wQOGaAU0gYdzlexYYc2NRKDjYSNLtBITJpxRN_W9TiN8oH72l1vPRjNOIZjOP41e0eUlEfWHEFUsgxf1GDxYLxnpF4MdP6o_oT40tsCwHFBh6Xv8JM0yL6mjwcE3NnjC9zpyQ2CVG-8mWGqH8m5bKOkBAPytOy64uLYgvK3IV5m2rO4zRhx-xbnFn7PYoCnqFGbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwim5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_2D4-3pgbgG2OcqEX-BPpU-Ow1waA%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CK3lweXtiNxS_QoYHh_4MacoX6nzk0iI8FWy0ph0noRpzX4Jd9QqEX-OVxuRNBcOZQIZ-aP2PUC0padMP4kg1tVswulUAYz5s-LhLKpxhZ8NcHaK7LZf5semqtI4nj5x67341TVOLPqKI9zCQ4v9xPwStlb4N1PzTmyAqG4QnminRNHY0%26cry%3D1%26dbm_d%3DAKAmf-BqpUxLGQQd81vf3xmwp9cNmvy7z0XGUCXI39ban_fh_0nfDQ1f5sKCLfpJoCnQj7zePo9jvkoFxZ3obZzyMTeXwk_6xmywC9S9S5hUz3ZLtabzkmwk22jyxNHyBSH1meJTYpOc3HUAiYlE9HA4gwdZEeWvbRQWTHCiM4PrVa3W-hdbc9X8o1EEQch7Jvio7I8xKksgkw9Pg9Ws92oxtwrfefeWJynPna6cU-i7X7SKs2ueWc-7d43SLq0U6dtQ4qypRyvK3HWVGchq_2y_AO2c5ejAlexXThh-mPFptl66jCJ5qQwrsAcQfOIiAwqq2x99i2pmZ8yjKl_nzdx-pQH2Oxlx44kNm90zMudFbe2ZBMa0hxlzVlqCVaWzCOGjvyH9CN0yyhtB0SgVv-BDIwtN_tqYdUpxh2i0_bhvtAvahL1dn4Gqu0QSFEO0p3WZ6S0cdg4_47mzVtndwYEeXVoibT43C_FlMJ81KAzuiokuTCBYIUov5nKIl3_NaXotBM4ZQs9bkwCt9MffNnIeaICHaLr4q6CTnbBUre97SNfWBN4Iq0A%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=4493068261301&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Nov 2023 02:27:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Nov 2023 02:27:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx
pb.media01.eu/ Frame BF07
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b838&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
200 B

50ms
35ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b838&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b838&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:8908_91EFC182:01BB_654308F6_18EF9E:1A429

GET

view.aspx
pb.media01.eu/ Frame E02D
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=

0
0

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame E02D 43 B
665 B 364ms
43ms Image
image/gif 145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=52953800010890504444554012496026&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:8906_91EFC182:01BB_654308F6_18DCE6:1A428
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H2

200

view.aspx
pb.media01.eu/ Frame CEB6
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=

0
200 B

83ms
40ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=2385213427018&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:890C_91EFC182:01BB_654308F6_18F0DB:1A42A

GET
H2 200 /
adv.office-partner.de/ Frame CE51 930 B
922 B 94ms
12ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=e27fb4b8a3&subid=&uid=ad166c77298f3dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCHnTQ8whDZY4j0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9A1hj1ldNwAK1jDFwuFxNh2CbHVSuFMNnutgRd0s-poxyU-xgmih_kwWqwONC9ZE_xNmay3ckRvmmQq7qMbAD7ye0wU9dz44IBmU-lKtP3AJiSKaKAUcKYhOLle73H5Aw9ygKs1IhuPpsyVd3_ISqiTuACfUcMrbIpd0gqAY7JBb7aLarXzkf7Csr_ByRiF8lzJf9_crQGpqKO1C7UZTSQJfFyli_pKVM_J3jOvpEphiEO5Llj_7Cy2lXqJ_5XULq2aCLz2Ie1XhDXDU-CUDtXj8ppjRcuy-C69dvehAMjHd8RimsitY3D4Q-PzJRgePGJomoM1iHQBlgXobxFUwD45mXb6n_YHeVktedzmHFSxI84S29Jjk-hNvoHFLIUz5cwqjF7pkNSbxUUv6urhQnN_BIDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwil5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0sRFrSMd8aS9DkT5h6fapjQVJ5cw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-CLzdLHDuZyBsij1o4xJAlq-XiYw8lm6PJDow7WlvPAB4LFd0JL4YYGKpu__P5IWzAY79oJ4_mhoV8ICZqFaydwTFX1CyONmHX9SsuiUJ1V0dJ32hKjRIwrBznwLdQl_v1eNouB1BKnoAnFczT69dHvylAZO4A20lN9rQ7nL4xS50-d65c%26cry%3D1%26dbm_d%3DAKAmf-C4ATzDQog2_GHstIjU8qaldR1vKYKSGoZ_at2oruPSY6ck3MDVwr3S9pMv4CmViqhUCs0yhoBvg1wMxji4Zejo--SOag7e_Ck9xjUvzOqLzx3blsGGgrkRgHgo3qF0cfHSGd-GnigjH2QrHb2DzYcs4NFV1yZNYbkX_bXaCLgtv0nh7me5fRWo92k_-K6fA-9pUbXnjik9K-4irEi-UFG5XO55fTJMWarUJi5E9xadnCGv0TEBvpbHvU7nBdR-a1MyCssDG0gzIfAi-hQkpjVWbizFqoaSZU0hUi6qG0_nliwLBJr3x_0gkrwAli0XfKxDB6kDibC9fbH2UeC0U3MxypauWUJUsCAV0iVZIbEomhs-NFzHi1ygER0LSwbpV4jRxi0BDTzvA-i81QGhdVeOPjzpD33ep-dtLZvCEtvgcd2e76Sk7_VU3PDmS_S9QXnfMSZZLctlAe7igIWlHvOeq_Wc_luLFHu-MB9CbaArFg7zlv9zWH_nOywVCrH1JABfW1Z7QMyksbOrLJznHZr-7IUKVkLKbgWUuV9JkOUCV4dZ1Fc%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=2385213427018&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Nov 2023 02:27:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Nov 2023 02:27:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx
pb.media01.eu/ Frame 1684
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b839&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
202 B

51ms
32ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b839&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b839&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:890A_91EFC182:01BB_654308F6_18EF9F:1A429

GET
H2

200

view.aspx
pb.media01.eu/ Frame D5FB
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=

0
36 B

20ms
19ms

Script
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40028
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:890C_91EFC182:01BB_654308F6_18F0DF:1A42A
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44719300006706404444554012496005&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame D5FB 43 B
665 B 359ms
40ms Image
image/gif 145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=44719300006706404444554012496005&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:8908_91EFC182:01BB_654308F6_18EFA3:1A429
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H2

200

view.aspx
pb.media01.eu/ Frame 980B
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=21719500007608904444554012496013&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

36ms
36ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=21719500007608904444554012496013&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=21719500007608904444554012496013&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:8904_91EFC182:01BB_654308F6_18F0DC:1A42A

GET
H2 200 /
adv.office-partner.de/ Frame C081 930 B
922 B 91ms
11ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Nov 2023 02:27:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Nov 2023 02:27:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx
pb.media01.eu/ Frame B7F8
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b841&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
201 B

29ms
29ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b841&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b841&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: B2A2D18B:890E_91EFC182:01BB_654308F6_18C789:1E87A

GET
H2 200 link.html
track.webgains.com/ Frame 0A60 2 KB
2 KB 241ms
62ms Script
text/html 13.42.240.154

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=21719500007608904444554012496013&nw=1
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.240.154 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
last-modified: Thu, 02 Nov 2023 02:27:02 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 02 Nov 2023 02:28:02 GMT

GET
H2

200

activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371
5994599.fls.doubleclick.net/ Frame BB12
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371?

391 B
286 B

29ms
29ms

Document
text/html

142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371?

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Thu, 02 Nov 2023 02:27:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php
hal900013.redintelligence.net/ Frame 0EF3 7 KB
2 KB 37ms
14ms Document
text/html 116.202.48.214

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=c69be7db31&subid=&uid=12b15e49dedbef49&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoRK78whDZYwj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9DR9sS14RH9lArvNv6oy6yU1AY5Cr5YfMaOsGFRDkpx0i386Uj0vGaPDxCk60NQTN5KIZqs5hrpypYEZ_B6DK6NFGfSOJQiHBFtwngnJKgPYNVNrKj9id9-JgasKt3V7lSY49xBLKDAr9WSmFK_6l5CGEN3UzO87GLt0AyO3RZNeYW91K7y9FxvRLurkvRKcyxeRhARP1ZFUeA-0hsdGB34oiuZUn-nsHRA-Xw3xBuJgNXdW9Ib9yrOm3VeAo2Y6ifuWDAQmlMKnj4kLyYXYnBnzgdIJeVvTCNH-Us-0xHcpnj7SBaCKWwfBhbBYgY10dMzIjLMpoaDtWRvoqQRi3IIQ66bwzJgG-8ib6mPnuMcTQF4Iw7-gCUqGa4w-Q-fztxDRRuuVRlB-zAWEUrgDQ4HNEXABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwij5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_1EGtqXDJr05cWTuG0KBZ5Ejn2rhw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-ChnVFnt1yG8LPw7D2I6k3zZgIETWVWxCB8HiAILXPRVLubQojLC8791W5GEo1_GEvge9PMpv0gfcFrNAs154Lw6HXvzEfQa-lkWwXlO9MbD-eqinvk05eji5_x3A_VckTv7Zy932exn7Pd-G5yx6DFwh6RwkeUszZzzoUvXq2eebjUc0Y%26cry%3D1%26dbm_d%3DAKAmf-BaCTiO-Ojgg9Rq2XD3nYyxsq83QGD1VEljO7zdU1ftC7_wvLv6L8pn3N_o4Nf2fM9TNUwcKJdoOJlIduDiKUZz1Y6EugVr1jOj_ywHDI1RAA480TgaKhT7s0-evJKykAJRWorjJ3A5Uyc6kBNUmZUB5Dw3bdhqw81iXsQ8yDcUwvA5-dG_r9hzdq5Irvmdqlf-D5O2_pNUvCtfB38364IeAKfPpu9A7dDtfu1zENex2F1Ee8NAvmRgWqAKkzi2oieI37SsKHe8JrS1AUOFpMFGL4LVsq-_1kIb1-u1CFDQFel-_Kt_6evFXe_4n96nbQZoZwfP8QGcnKVtCspnyIb_IXnWP9YTsIUPSGlo_UMjgz7NNVn6Y1vXV7mwH9egwQYtxcfgAwzrPfTll1dKET5C6A9OF0G9r19cJYRvMFZt4QgZUjPFmbtGuJWdhY1Hpdjho47kVygvADm4ZxaPbmpTDiG4RrKODwSKYIm3qBKA7nImlEGKgkzYZx2DAF2TlTNdYYWIP4htKL6Koa4V-j6nJFby74J2Zfek1ZGm5CYJQbEixl0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=7020903149666&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2068
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Nov 2023 02:27:02 GMT
Expires: Thu, 02 Nov 2023 02:27:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 0A60
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
665 B

167ms
44ms

Image
image/gif

145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:890C_91EFC182:01BB_654308F6_18F0E0:1A42A
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=21719500007608904444554012496013&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Thu, 02 Nov 2023 02:27:02 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2

200

view.aspx
pb.media01.eu/ Frame 6792
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60953600009174304444554012496006&actionid=879111&produktid=ratenkredit&dt_url=

0
203 B

34ms
34ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60953600009174304444554012496006&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b2923f585e&subid=&uid=998786f3a265c4c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7kW08whDZZAj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9BPBgp-7uDbIrdekC63Kid1_YJMIWU7zjw6xFoWhQF5hOxQJOzgeUjPSCiOeCI80cj6KdxcYHCJsECfsa4EyzfzspPV2ESe4JYvafLZYSrkYRCDJJlEEPgJ1vAcAINJ1wL8SEKuZEcpCNpLCCAB5nBcV7Q7gfgcFJ50pU1pJR6MH3syPEwkoshASaSneZXzRPs1E6ad-x6q3PHDFO0pfx-3BD30vVWekS3pgIYP2n2qVbnVtxmAEy8Wh7q0_AUYBUpU51Ly7ozhA5QMUqU0w0TVMZMcjB06V4_s79jYW-RF7wCzry3EeIMctfyb5ABSjrUX292nAigiQy4o-VFMHBvZQTXKF7kXNua7uXCaKolYdPoJ0ha4kp9rBO8zQuCvBDW2bTx8xUxdjE03YH4visxFUurABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwin5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_3TzLOF8xs8cBUrwFJfI0A2k5XK2w%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BbLogJ_waemr2NuPkNanKYHqgV9gYFsLG8kTwyKxaRtN8u4JONJM7urSmsCLqZb_T62nvanMTML55duJIPmha3i1BtnEQSfYkV76xcfPPcsdEil3sisFO7WJOGAVBq1kvHtMBZWW3hoBpA0qYWuWp_c_rHI7bopHKd4dhZJW40-PFYlAA%26cry%3D1%26dbm_d%3DAKAmf-DjCTYiK5qqZimdWYIV-ev23Rr7EIJVpwjSk4E2haW5x-8BPqSsIZ8Ehaa44QTpjJAX8xoSoNi9OABHd3zGtceWyOwY_m_-vOetH3dW2TRtjUnPNyFZMCg7RijCmozz7cFNhKvi0j6fV5nkcYTEBwxaZRF_BXk4my6hu7I-OtRAllKSJgm3zdX8nn8pOPRCOTbUVQatI6lwv6nhsg80L2N-F6AhHbd64nnhe4ZuCKsGgp_Qpb6bKjXL8JmQTKLwlVvA-doAbs6YUVxMPWWr3nCkvqYJG5QD3L9TctNrBDusaJZ42ILkTjYL02pFXV5Sm0kyED1F7sMH3WtCLoMYUEnQfTWdsZgxzBB0v-1bez1wWpC3XNvzsEtTI5CPO-TyfdJC75lxwQR4Pjt8dxLdLdYGI77GITiQGrdGJ-gEl32kE5C7mEvvuv1PUywkkcnPBstlkUfL5haLaabZvgf3sOSGg2fWDi7QzSguzIjkIOB4NeAAH_HK8XAJPFt66ng6swwpLZDcK4-jXBcnt6uFalB_qxu3VVnn70BJEDzm4iPOmScxxPE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=325655850874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=60953600009174304444554012496006&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:890C_91EFC182:01BB_654308F6_18F0DD:1A42A

GET
H2 200 /
adv.office-partner.de/ Frame 1309 930 B
922 B 88ms
12ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b2923f585e&subid=&uid=998786f3a265c4c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7kW08whDZZAj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9BPBgp-7uDbIrdekC63Kid1_YJMIWU7zjw6xFoWhQF5hOxQJOzgeUjPSCiOeCI80cj6KdxcYHCJsECfsa4EyzfzspPV2ESe4JYvafLZYSrkYRCDJJlEEPgJ1vAcAINJ1wL8SEKuZEcpCNpLCCAB5nBcV7Q7gfgcFJ50pU1pJR6MH3syPEwkoshASaSneZXzRPs1E6ad-x6q3PHDFO0pfx-3BD30vVWekS3pgIYP2n2qVbnVtxmAEy8Wh7q0_AUYBUpU51Ly7ozhA5QMUqU0w0TVMZMcjB06V4_s79jYW-RF7wCzry3EeIMctfyb5ABSjrUX292nAigiQy4o-VFMHBvZQTXKF7kXNua7uXCaKolYdPoJ0ha4kp9rBO8zQuCvBDW2bTx8xUxdjE03YH4visxFUurABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwin5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_3TzLOF8xs8cBUrwFJfI0A2k5XK2w%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BbLogJ_waemr2NuPkNanKYHqgV9gYFsLG8kTwyKxaRtN8u4JONJM7urSmsCLqZb_T62nvanMTML55duJIPmha3i1BtnEQSfYkV76xcfPPcsdEil3sisFO7WJOGAVBq1kvHtMBZWW3hoBpA0qYWuWp_c_rHI7bopHKd4dhZJW40-PFYlAA%26cry%3D1%26dbm_d%3DAKAmf-DjCTYiK5qqZimdWYIV-ev23Rr7EIJVpwjSk4E2haW5x-8BPqSsIZ8Ehaa44QTpjJAX8xoSoNi9OABHd3zGtceWyOwY_m_-vOetH3dW2TRtjUnPNyFZMCg7RijCmozz7cFNhKvi0j6fV5nkcYTEBwxaZRF_BXk4my6hu7I-OtRAllKSJgm3zdX8nn8pOPRCOTbUVQatI6lwv6nhsg80L2N-F6AhHbd64nnhe4ZuCKsGgp_Qpb6bKjXL8JmQTKLwlVvA-doAbs6YUVxMPWWr3nCkvqYJG5QD3L9TctNrBDusaJZ42ILkTjYL02pFXV5Sm0kyED1F7sMH3WtCLoMYUEnQfTWdsZgxzBB0v-1bez1wWpC3XNvzsEtTI5CPO-TyfdJC75lxwQR4Pjt8dxLdLdYGI77GITiQGrdGJ-gEl32kE5C7mEvvuv1PUywkkcnPBstlkUfL5haLaabZvgf3sOSGg2fWDi7QzSguzIjkIOB4NeAAH_HK8XAJPFt66ng6swwpLZDcK4-jXBcnt6uFalB_qxu3VVnn70BJEDzm4iPOmScxxPE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=325655850874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Nov 2023 02:27:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Nov 2023 02:27:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx
pb.media01.eu/ Frame FF4B
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b848&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
200 B

26ms
19ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b848&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b848&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:890A_91EFC182:01BB_654308F6_18EFA1:1A429

GET
H2 200 link.html
track.webgains.com/ Frame 3A20 2 KB
2 KB 254ms
79ms Script
text/html 13.42.240.154

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=60953600009174304444554012496006&nw=1
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.240.154 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
last-modified: Thu, 02 Nov 2023 02:27:02 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 02 Nov 2023 02:28:02 GMT

GET
H2

200

activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33
5994599.fls.doubleclick.net/ Frame 6B32
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33?

390 B
281 B

32ms
31ms

Document
text/html

142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33?

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Thu, 02 Nov 2023 02:27:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php
hal90006.redintelligence.net/ Frame 756D 7 KB
2 KB 35ms
12ms Document
text/html 138.201.63.164

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b2923f585e&subid=&uid=998786f3a265c4c2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7kW08whDZZAj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9BPBgp-7uDbIrdekC63Kid1_YJMIWU7zjw6xFoWhQF5hOxQJOzgeUjPSCiOeCI80cj6KdxcYHCJsECfsa4EyzfzspPV2ESe4JYvafLZYSrkYRCDJJlEEPgJ1vAcAINJ1wL8SEKuZEcpCNpLCCAB5nBcV7Q7gfgcFJ50pU1pJR6MH3syPEwkoshASaSneZXzRPs1E6ad-x6q3PHDFO0pfx-3BD30vVWekS3pgIYP2n2qVbnVtxmAEy8Wh7q0_AUYBUpU51Ly7ozhA5QMUqU0w0TVMZMcjB06V4_s79jYW-RF7wCzry3EeIMctfyb5ABSjrUX292nAigiQy4o-VFMHBvZQTXKF7kXNua7uXCaKolYdPoJ0ha4kp9rBO8zQuCvBDW2bTx8xUxdjE03YH4visxFUurABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwin5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_3TzLOF8xs8cBUrwFJfI0A2k5XK2w%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BbLogJ_waemr2NuPkNanKYHqgV9gYFsLG8kTwyKxaRtN8u4JONJM7urSmsCLqZb_T62nvanMTML55duJIPmha3i1BtnEQSfYkV76xcfPPcsdEil3sisFO7WJOGAVBq1kvHtMBZWW3hoBpA0qYWuWp_c_rHI7bopHKd4dhZJW40-PFYlAA%26cry%3D1%26dbm_d%3DAKAmf-DjCTYiK5qqZimdWYIV-ev23Rr7EIJVpwjSk4E2haW5x-8BPqSsIZ8Ehaa44QTpjJAX8xoSoNi9OABHd3zGtceWyOwY_m_-vOetH3dW2TRtjUnPNyFZMCg7RijCmozz7cFNhKvi0j6fV5nkcYTEBwxaZRF_BXk4my6hu7I-OtRAllKSJgm3zdX8nn8pOPRCOTbUVQatI6lwv6nhsg80L2N-F6AhHbd64nnhe4ZuCKsGgp_Qpb6bKjXL8JmQTKLwlVvA-doAbs6YUVxMPWWr3nCkvqYJG5QD3L9TctNrBDusaJZ42ILkTjYL02pFXV5Sm0kyED1F7sMH3WtCLoMYUEnQfTWdsZgxzBB0v-1bez1wWpC3XNvzsEtTI5CPO-TyfdJC75lxwQR4Pjt8dxLdLdYGI77GITiQGrdGJ-gEl32kE5C7mEvvuv1PUywkkcnPBstlkUfL5haLaabZvgf3sOSGg2fWDi7QzSguzIjkIOB4NeAAH_HK8XAJPFt66ng6swwpLZDcK4-jXBcnt6uFalB_qxu3VVnn70BJEDzm4iPOmScxxPE%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=325655850874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2052
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Nov 2023 02:27:02 GMT
Expires: Thu, 02 Nov 2023 02:27:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 3A20
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
665 B

169ms
43ms

Image
image/gif

145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:890E_91EFC182:01BB_654308F6_18C78B:1E87A
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60953600009174304444554012496006&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Thu, 02 Nov 2023 02:27:02 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2

200

view.aspx
pb.media01.eu/ Frame EF7B
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83177400007497004444554012496011&actionid=879111&produktid=ratenkredit&dt_url=

0
625 B

26ms
19ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83177400007497004444554012496011&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=83177400007497004444554012496011&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:8906_91EFC182:01BB_654308F6_18DCE5:1A428

GET
H2 200 /
adv.office-partner.de/ Frame FBB2 930 B
922 B 85ms
13ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 02 Nov 2023 02:27:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 09 Nov 2023 02:27:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx
pb.media01.eu/ Frame 684E
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b84c&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
201 B

26ms
20ms

Document
text/html

88.198.250.30

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b84c&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 -, , ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 02:27:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Nov 2023 03:27:02 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Thu, 02 Nov 2023 02:27:02 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=654308f60363e6c2f866b84c&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: B2A2D18B:8908_91EFC182:01BB_654308F6_18EFA2:1A429

GET
H2 200 link.html
track.webgains.com/ Frame DB6A 2 KB
2 KB 247ms
75ms Script
text/html 13.42.240.154

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=83177400007497004444554012496011&nw=1
Requested by: Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.240.154 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
last-modified: Thu, 02 Nov 2023 02:27:02 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 02 Nov 2023 02:28:02 GMT

GET
H2

200

activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465
5994599.fls.doubleclick.net/ Frame 2BC6
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465?

391 B
324 B

29ms
28ms

Document
text/html

142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465?

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Thu, 02 Nov 2023 02:27:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php
hal900011.redintelligence.net/ Frame 084B 7 KB
2 KB 39ms
16ms Document
text/html 138.201.64.38

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=25f56881ad&subid=&uid=cb7a56fce6dddaa8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkov38whDZYsj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9AFgtuEd-eVPXvMaJBJxG8HMcjCNWKYYNh1kYQvFy5_Pmd4Sw4OwvLJkhYsvV48rhURxkshgd6b-sz0wdffn8JipnK3cqXknRQsx5XcoNB1zelYt8yU1Zf5PJi6kiHmzMuMcSo8diTYwqH3w1Cs1WFyIUgW688Lk1WKjUqqTRMpaEAu5qYbiVash1ckC2Mc56YC64t-Sv4ALA6SPzvM1NMkk1QAgXeOur3zpdZARuDW7bRfAMdhQAFYU-7q6DyRsLy9T-tK_b9rkhYsEoPnib3pGg2RMfHH0Hte_4iFRl-cZuNfY2xKxUuty1TnJQeOSJKPJYSmrsLp4QWBv1D3ulgr0VfRQdi_YDNdziVCWkefLqiuD086q6uV6Y2O2fzCedtNLP61W9Q5W8cSp8yQTOBAhRTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwii5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_0Wb1tiJViPRLrUZhCf4nnMBIlM7g%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-BYBfzB-WcBGyusBn2kMPJGn-m8SpJB4wcNgOrkLfYlu-d5sPKPtyz9v7cO8lMcOQG98M8bUWLfdrG7sf2ev3IrS3JoKqnHMiHBvUJ0jX_UOh7Yi9zcxPX_uYQUHuUuKNeDSP7T3dz7eAoH2Vs5oov_kvFuX6qmgVVghjOv0_G1WBPm2Mo%26cry%3D1%26dbm_d%3DAKAmf-BjUeHs3VYwJTlrSsgMnn5sc2Aoj699NmjguBgI6WMk8JAy_SBAuNt7JkvLQfgZG7IglTYfOpwV-F33QABpJu3ISuvQL4SzNWyaLkkenbhNY75o69080V3WH20ULuyvZbClZz1YXecNk3PU3Cr4WIO3woNSHdR-jtGXeHw0ZqJx8RHHM6iQ_cE2NBNxUoYX14VzShKiYpyL8zOuNdKTiQ-vmxb1JDqioXlVJ3h2aanIotGPPsmLzGbwsgjQAs81w0QavYygpkpXUHjLzRN1bJLyq_0QYM5uiNs1J7oKd1GR90baSnuC2e4ry6nR7uTOI4an5HJOrjF3m3xqwf8nJfHR3Ku-H9-Eb4wzSOh3FfeerzwlpjMS0HalZHw4kshvE28OPjF3dvy3RIZ8xx56WpKGVt8UlDTJH0kBHfs5OKhIsKzFYgoawkFw56hLSjNxv6SZm3GdL9EASSfiPoL0vpppQOnLNvEBUdxG0220v6_NMO5IfLrjJm4jNdXz36Wkt_5xEsPVdvpGIn_a-9llCOUn1imLm_K33WM0qoztyygk5yRZtt0%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1187684794353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2057
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Nov 2023 02:27:02 GMT
Expires: Thu, 02 Nov 2023 02:27:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame DB6A
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
665 B

163ms
41ms

Image
image/gif

145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: B2A2D18B:8904_91EFC182:01BB_654308F6_18F0E1:1A42A
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=83177400007497004444554012496011&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Thu, 02 Nov 2023 02:27:02 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENTf6AMyQV9p6ltXMvUUAJE&google_cver=1&google_push=AXcoOmQWpxVHOFcgXlMx1qO91txQKAlfwUEL0ueleKmWbQhmStKcM3P9ZJ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWpxVHOFcgXlMx1qO91txQKAlfwUEL0ueleKmWbQhmStKcM3P9ZJlpUmF5mKjFuZxzOaUqCucPt8GobvN8R_bhQZoPKcgn3w&google_hm=vxTo_LJ5Fm...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWpxVHOFcgXlMx1qO91txQKAlfwUEL0ueleKmWbQhmStKcM3P9ZJlpUmF5mKjFuZxzOaUqCucPt8GobvN8R_bhQZoPKcgn3w&google_hm=vxTo_LJ5Fm27qFzbP9j8VQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWpxVHOFcgXlMx1qO91txQKAlfwUEL0ueleKmWbQhmStKcM3P9ZJlpUmF5mKjFuZxzOaUqCucPt8GobvN8R_bhQZoPKcgn3w&google_hm=vxTo_LJ5Fm27qFzbP9j8VQ
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0B63 0
187 B 173ms
13ms Image
text/plain 98.98.134.241

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPuYvBLuRtMmMCvnONb0duQ&google_cver=1&google_push=AXcoOmQtXC8_B4oV3n9OhvASWWxDN9N5Q29A30KURAt4ALOsiPMAdZZjKQZpMGlKaBCQ3u1kA2EMP1DPxLQ1zGrvEfQmLSeSxmwzRQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:01 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMN5sPYdW-8cI3cA18nDvd4&google_cver=1&google_push=AXcoOmRyLatLvUD11FUmxsKLSeiHT5ySU7brfqUASAT5iJVeG5r9sT8PxuFdAv8aVg_wj3glIdiWXZNka7vaUW...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRyLatLvUD11FUmxsKLSeiHT5ySU7brfqUASAT5iJVeG5r9sT8PxuFdAv8aVg_wj3glIdiWXZNka7vaUWrCWaP8s3LFH5aV2w&google_hm=hmVDCPSD4NwQcUx...

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRyLatLvUD11FUmxsKLSeiHT5ySU7brfqUASAT5iJVeG5r9sT8PxuFdAv8aVg_wj3glIdiWXZNka7vaUWrCWaP8s3LFH5aV2w&google_hm=hmVDCPSD4NwQcUxtlg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D654308F483E0DC10714C6D96BLIS

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmRyLatLvUD11FUmxsKLSeiHT5ySU7brfqUASAT5iJVeG5r9sT8PxuFdAv8aVg_wj3glIdiWXZNka7vaUWrCWaP8s3LFH5aV2w&google_hm=hmVDCPSD4NwQcUxtlg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D654308F483E0DC10714C6D96BLIS
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmQ3fLxv0Spze6LY632DPat8qyYFXGFr26cFLuQMjo6UXJ9rkyKv5fD3v29YKELuLH4SRQFoEiW_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQ3fLxv0Spze6LY632DPat8qyYFXGFr26cFLuQMjo6UXJ9rkyKv5fD3v29YKELuLH4SRQFoEi...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQ3fLxv0Spze6LY632DPat8qyYFXGFr26cFLuQMjo6UXJ9rkyKv5fD3v29YKELuLH4SRQFoEiW_FsfRJ_geLwnSjTaLXiyNRA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmQ3fLxv0Spze6LY632DPat8qyYFXGFr26cFLuQMjo6UXJ9rkyKv5fD3v29YKELuLH4SRQFoEiW_FsfRJ_geLwnSjTaLXiyNRA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR1aA_iWT2hYVQtOck6gQv5BFqP5hu7w2LDamuOYeIDqVUF6Vb6HhwKuCiMsqEuSCGbpXErSHf4xH81KdDFgS27hlMb-v5Egw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmR1aA_iWT2hYVQtOck6gQv5BFqP5hu7w2LDamuOYeIDqVUF6Vb6HhwKuCiMsqEuSCGbpXErSHf4xH81KdDFgS27hlMb-v5Egw
date: Thu, 02 Nov 2023 02:27:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B63
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOHy-n4tLodbXQzzDjn9xg&google_cver=1&google_push=AXcoOmSTErcAC2R7tTjJlRHxBOB-hJsqlcu5okipwBzDbHewxZrMPz7CsqtZttFVWdyBa3XnujwD5YTlc1Hkzn_Xm...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSTErcAC2R7tTjJlRHxBOB-hJsqlcu5okipwBzDbHewxZrMPz7CsqtZttFVWdyBa3XnujwD5YTlc1Hkzn_XmcV0KetLXqGWrg&google_hm=HlizuGZHKo5w2VaUQ1af...

170 B
188 B

22ms
22ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSTErcAC2R7tTjJlRHxBOB-hJsqlcu5okipwBzDbHewxZrMPz7CsqtZttFVWdyBa3XnujwD5YTlc1Hkzn_XmcV0KetLXqGWrg&google_hm=HlizuGZHKo5w2VaUQ1afSrYh

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSTErcAC2R7tTjJlRHxBOB-hJsqlcu5okipwBzDbHewxZrMPz7CsqtZttFVWdyBa3XnujwD5YTlc1Hkzn_XmcV0KetLXqGWrg&google_hm=HlizuGZHKo5w2VaUQ1afSrYh
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 0B63 0
44 B 21ms
20ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELL6K3HfJ6_y2cfGGwbXyWE&google_cver=1&google_push=AXcoOmRTQPWnfi3Ti2G_NnUlRY8Qeo1n6iUpIRL6ylZFSzrz1Ie06f-rB-8iYyt49aqmlJLdNDGLpIJ3QQ0Ps0Z6vv5WbA_tNYS2FQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:01 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B63 0
12 B 22ms
21ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KImzGLuUSvTnglkTcb9N-wx-OYC0czcLgoyeYKk57ibSfKPdVBcN8olMhAKXTTKEqOGt6e

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

htlp
futalis.de/ Frame 55D2
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=44808800008719904444554012496015&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3259432933

350 B
401 B

72ms
8ms

Document
text/html

49.12.22.42

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3259432933
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=3a64d983ca&subid=&uid=e657f194b4899b11&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMO0q8whDZZEj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9CURbDcipLE4iEniqUIuBTtG7GLHR5c027cQ6l6u23K7UjeoFD39ufLdKIR3PP4Tkhj36vdUB6F2B4QTVwhdxBvjd6552bccXb_E_tpGHRTLM0mD2F7uqviXzoWy0C4-BiKohucja5vSbjXTGr-QvIVTUtzxZGAMTCL90BxEXGkmrH_1LyDMDeUxNJtvvD-BU16neL9BBoUfMdIM4rBWztPGovQM18omfEn5zDPJ8WM3Yj5vC_Gcb0MRTRW5MWQETpN7HOftctO-QNWWrMj9xYIHba2HLukesYJ5THZHoVQJu0JN1Z2oUv2rh5CGo2P-YgSgmo01Kee6pWpHch0t775N7gmU19SrPdkPIVsXv_uF0UJZafeVnq7etQjHXFzX7ojiNRPApqjaN102k1C05IameDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwio5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_113ZQut44EpQU4GLk3MwHxfd5Ljw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-B_EiYhM2ozoqVdDXqlnB-mC47B3zqLXspUhw-dCksMF_eyDgCsT4caFYq1ge_1nlSe_Ifv1D4oBVeOocmYvtm_HrMjcHSBtyLbx6oR4uXKBT5rFh-C3sHcMK1IosQN0vQFIGK20fXjtmLfnadDNlfcYfaxeDyqT8WH3kdw6q7kgnRz9NU%26cry%3D1%26dbm_d%3DAKAmf-A5EBTm17yjh1B-A_FyRoZERPkXa5towt7_kwrTG50CxV7UwGVIOIJmknIFg4MDudyZpQtHx4B4FiB6yG4izxZ4nyT7REziy8MEqkzI_6hc7sqqUNCgD_2k_0fjE6FZUL_FePZtmJe7FHs_yV3O-RIaBbf49wzWNlrLGIrhJc63ydjpbI7iPP-tLhILTLnwrIckDTDRXEsX2HZdZSZow5ruXgF0AY3tRAgjmEmP1RBJIoL7vxo4oSqkc56AKvrzmPef2Y_cB9LcVEoha1JXGro57SKQAjaxR1dG4jmkjswRso6FOUCWMcUGqOY18BZY9vMoVZR5FarGDq3IzjlF2PJj-uJtO4C9bFrOlQKreWQaF50hPZMxkn6z-KJmPoCdypdiL-hs_mB3B92kmvV3mVXBgrz3TytY6SL_fQ1QgzU6X8Als4dEPvCo54bPcskJuA06LGxNH7jmKSqoKjk476vDl0CHai01DJ0RX9ymuhRGyJKAuNDX8ES8zFe1meiRYdObpFatoFNNbomI8iLgN_cU79l5ZbnrHb-AqnpuAciQElo8mDw%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1367945829500&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 02:27:02 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3259432933
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2

200

activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48
5994599.fls.doubleclick.net/ Frame C892
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48?

390 B
283 B

32ms
30ms

Document
text/html

142.250.186.134

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48?

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Thu, 02 Nov 2023 02:27:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:27:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php
hal900015.redintelligence.net/ Frame 9CE6 7 KB
2 KB 36ms
13ms Document
text/html 138.201.135.164

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=3a64d983ca&subid=&uid=e657f194b4899b11&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMO0q8whDZZEj0YfU8g_surbYA6blvaBprZWcp8kP8C4QASDf29hyYJUCyAEJqQLp461yIryxPqgDAcgDmwSqBLQCT9CURbDcipLE4iEniqUIuBTtG7GLHR5c027cQ6l6u23K7UjeoFD39ufLdKIR3PP4Tkhj36vdUB6F2B4QTVwhdxBvjd6552bccXb_E_tpGHRTLM0mD2F7uqviXzoWy0C4-BiKohucja5vSbjXTGr-QvIVTUtzxZGAMTCL90BxEXGkmrH_1LyDMDeUxNJtvvD-BU16neL9BBoUfMdIM4rBWztPGovQM18omfEn5zDPJ8WM3Yj5vC_Gcb0MRTRW5MWQETpN7HOftctO-QNWWrMj9xYIHba2HLukesYJ5THZHoVQJu0JN1Z2oUv2rh5CGo2P-YgSgmo01Kee6pWpHch0t775N7gmU19SrPdkPIVsXv_uF0UJZafeVnq7etQjHXFzX7ojiNRPApqjaN102k1C05IameDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwio5bX6oaSCAxXRA1UIHWydDTuwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE%26sig%3DAOD64_113ZQut44EpQU4GLk3MwHxfd5Ljw%26client%3Dca-pub-6484389103411752%26dbm_c%3DAKAmf-B_EiYhM2ozoqVdDXqlnB-mC47B3zqLXspUhw-dCksMF_eyDgCsT4caFYq1ge_1nlSe_Ifv1D4oBVeOocmYvtm_HrMjcHSBtyLbx6oR4uXKBT5rFh-C3sHcMK1IosQN0vQFIGK20fXjtmLfnadDNlfcYfaxeDyqT8WH3kdw6q7kgnRz9NU%26cry%3D1%26dbm_d%3DAKAmf-A5EBTm17yjh1B-A_FyRoZERPkXa5towt7_kwrTG50CxV7UwGVIOIJmknIFg4MDudyZpQtHx4B4FiB6yG4izxZ4nyT7REziy8MEqkzI_6hc7sqqUNCgD_2k_0fjE6FZUL_FePZtmJe7FHs_yV3O-RIaBbf49wzWNlrLGIrhJc63ydjpbI7iPP-tLhILTLnwrIckDTDRXEsX2HZdZSZow5ruXgF0AY3tRAgjmEmP1RBJIoL7vxo4oSqkc56AKvrzmPef2Y_cB9LcVEoha1JXGro57SKQAjaxR1dG4jmkjswRso6FOUCWMcUGqOY18BZY9vMoVZR5FarGDq3IzjlF2PJj-uJtO4C9bFrOlQKreWQaF50hPZMxkn6z-KJmPoCdypdiL-hs_mB3B92kmvV3mVXBgrz3TytY6SL_fQ1QgzU6X8Als4dEPvCo54bPcskJuA06LGxNH7jmKSqoKjk476vDl0CHai01DJ0RX9ymuhRGyJKAuNDX8ES8zFe1meiRYdObpFatoFNNbomI8iLgN_cU79l5ZbnrHb-AqnpuAciQElo8mDw%26adurl%3D&documentReferer=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&ancestorOrigins=http%3A%2F%2Fuploads.jovemnerd.com.br&random=1367945829500&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1996
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Nov 2023 02:27:02 GMT
Expires: Thu, 02 Nov 2023 02:27:02 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3E2C 43 B
704 B 209ms
66ms Image
image/gif 23.212.218.19

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=44808800008719904444554012496015&pv=1

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 impression.php
t23.intelliad.de/ Frame 3E2C 43 B
553 B 160ms
15ms Image
image/gif 3.124.138.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1698892022&co=
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.138.165 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, must-revalidate
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame F310 38 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 655E 38 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 5713 38 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame F5AB 38 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame E220 38 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame A4C2 38 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame A720 38 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame A38C 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 140E 47 KB
47 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:21 GMT
x-content-type-options: nosniff
age: 401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:21 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 140E 46 KB
46 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:20:04 GMT
x-content-type-options: nosniff
age: 418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:35:04 GMT

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 140E 7 KB
6 KB 37ms
37ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5633
x-xss-protection: 0

GET
H3 200 60005582_20230824063904642_50Prozent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 140E 1 KB
1 KB 14ms
14ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230824063904642_50Prozent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253907f2b612b3496b25305cddb8eb331bf64c23148785f003fd12f71400a1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:06:29 GMT
x-content-type-options: nosniff
age: 40833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1387
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 13:39:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 15:06:29 GMT

GET
H3 200 60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 140E 30 KB
30 KB 16ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 12:33:16 GMT
x-content-type-options: nosniff
age: 50026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30980
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 12:33:16 GMT

GET
H3 200 60005582_20230824063815076_728x090_V01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 140E 31 KB
31 KB 17ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230824063815076_728x090_V01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b6f591a9ab6f3924fe3f9f36183f4b33cefd4ff276d6d5cc053d34093abeeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 15:16:27 GMT
x-content-type-options: nosniff
age: 40235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31731
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 13:38:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 15:16:27 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 140E 43 B
610 B 17ms
16ms Image
image/gif 141.101.90.96

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=30943227_4307561_379893499_145341330_PO0803A20230913&ref=30943227_4307561_379893499_145341330_PO0803A20230913
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 14102774
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 273086407
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81f8efa38df32bbe-FRA
Expires: Fri, 01 Nov 2024 02:27:02 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame E242 38 KB
15 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame C7A9 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D74B 1 KB
646 B 25ms
14ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0A60 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 315dc63217adb8880e0b6213d4d5ec39843826d96f1634ed59dace5e8512dbda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 107D 1 KB
646 B 16ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3A20 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6d4314dde252260bbe4e4e8301c5df63904b7e18809fe26fb29757a452108e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 140E 26 KB
26 KB 17ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=PeJmNI5GmX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:26:38 GMT
x-content-type-options: nosniff
age: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Nov 2023 02:41:38 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3046 1 KB
646 B 13ms
13ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DB6A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ceba7dd05af41e515059fbeb452b1c3579763ed6c65af09085bb7b44834d71a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame EF52 38 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 18:43:58 GMT

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AAFA 1 KB
646 B 14ms
13ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Fri, 03 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3E2C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff390ef0db3089b4ad130bc6e0a9b9b23db88b4a0d86a79c4bb4f3f641048a31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 avoury_970x250_atlas_1.png
s0.2mdn.net/sadbundle/12505265398156424326/images/ Frame 7FBA 318 KB
318 KB 17ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12505265398156424326/images/avoury_970x250_atlas_1.png

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9232e8111a718ee12755a08c3cce241e3b7148f04ba35c2db86f97d56abcea22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12505265398156424326/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:36:43 GMT
x-content-type-options: nosniff
age: 60619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325740
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 12:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Oct 2024 09:36:43 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9798 0
0 53ms
53ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2Zh7SNzWmyFt1JwXn9jhmjWEWyAu_b7Vn96J3weaZruEa2AnYPkNxrvtbTSbDalRcRdvXzNVWx66oju2wcH7tcBggPKZtTWYiOs9SaDiYTv-tAh9msBA6YO_etbrGu-VljWIUW2kfjYxl8CrZRQ-a0U3Zx8XT3WnksgLA3jzXlOQTqa2-UGnPNHcieJSAb-DWToEhsK8_n5-y1xP_bwGnQ2qjsg0Gu7Z2jkyj39ZEBE2vSlKLTNd9CTOlbJUVLumMZs6LW5Os6sNExe4ZmkOtwyrXpP-PLavS2vC7guuNA__ry6AT0JGvkXSPKzic2yK9njGAxowvV7V8K_BsCjf49IeAe3Sx48DqT5pm2eF_a7v7qF7TuVoQ1HjWXtYQtLQMpndAg8R6poQ5pfkxQ05vVUBNHoO9WmtZP5hj7Ak2AqCZPtup9xgayXJPi_CpHxFtNr2QaigLrx4xHuuLbe52xpVc9rXpVqt-NAlBPtJFXNwIzsFP9mWsuxMaew1lYHjTevFzVQOO9MhLFOPOyu0v1rISMLPSGPR8AEChYu9MuaPmKQolncBHmLxn_E2XFprBGMltU2AbNLbdcsntebEJzRndzyqZV1y69kaiGKko7du-Zv7hdJFg1EenTEZqPc_UQg_80jR1skTiFxukUTcL807EqqoRZR3unL-pf64UoFvgnBCwhCpqwFw8CCY86y7kHFXD0nmP1eoBqNH8p0HMPtxoqcabwjkpOfEAf3bIQL6Qk5mjfqUDc_iPNFmJra-wiy0Kvv57mAVJb-qBe2klRupCT-9F7QvNgi1iyGadK17fO6bITIJqSReXDM2lMKINe8N9dN4I2z0y4jxhMBHCF965E7ZvJjrL7ijAHbLIBViPHTSuvMqZ1hhlUb897CCQoE98cCjGRMVIASXOIT4S4fx3xA5EwYW0zhdahbEjPFDO8NWxH4fwWjVTrVkNEhM56t_WENmA700hd2Vkd93J13ovkbSommqrfc85UULW-3yjffrpSCEY5Ah9ExKuGSb8CQHq5j0jHRqy-9bvjSeFn-6j2QDXBR7_GusjgMr8bDRhdFB0JlvL7WRYYCTLRaAsRaaoQQXhsuME0ne6rSiwmXwiH-Zff_mEA-hNaxSgv4ZpdkyU8jqgtGzWU8Q_CpWp-QlmBV2Q_dVjPMQKBolQSAaVNvoUTHJNkz7I8RpIciJxq_xTia-aXLc-5KrDue73H6qdKjYpIgH6gEBmm2f6RVTLYC24M8sNGGMbO2v-RA3OLFn5U20BMqunUKILyqaMAANHITSO_k-ShNS5yvxYoO92ZPLyEiAFqO2bT5qDtCyt60XbCyCKGMGsNOMWyCIbaRTaxN7OE0fmBXlkK8NQwdfOlW7NNp4LySmh7v5dkE7GmrdjnimYsaYF2jvUIj7Ivp3nMMblBueKKxkiAVbIDOUtzFp_pfSry-rPx2iItqPBe7q21QcBz0WhOU_uiCll3ja0q-ssKVxQ&sai=AMfl-YTu0fn3tByoIWGAPGEz65d9wo3IfIN6IkPGjzEt5y-wY06US2Qm3xZErvmbseRkEXxSmlBRlSzsBYydSAgOpPyCmKCnKCncmkJGoUR8oYRB81Q81eZug_xN65DZF09Z5PdPn8tHPd_8sVdnA1gzYRTz3rxSAOp8CkcuFOQ6lG9llQS-cMGqoxQRjfaTar5yU73HZETXu30Y0Z3aq4h4CSh2iDFxyMdgGWJ6iyuRe_xS_s5I5CGDzkUuhcp9U6SasCnf&sig=Cg0ArKJSzAMHZsuTOR-UEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1275&vt=11&dtpt=993&dett=3&cstd=280&cisv=r20231031.86648&arae=0&ftch=1&adurl=

Requested by

Host: uploads.jovemnerd.com.br
URL: http://uploads.jovemnerd.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0EF3 5 KB
778 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 01:24:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0EF3 12 KB
12 KB 34ms
12ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 3c1b07d95cf7394a1fa6939b668939850a528144c4b330baa57cf3e9bccd3e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12181
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0EF3 12 KB
12 KB 35ms
12ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 521df494755beb0c114f3f1c8f301f9e629b8825f6e99713da6e5e8aedd98f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12072
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0EF3 10 KB
10 KB 48ms
12ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10046
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 756D 5 KB
755 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 02:00:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 756D 17 KB
17 KB 37ms
13ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 756D 16 KB
16 KB 36ms
12ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 756D 13 KB
13 KB 83ms
61ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13288
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 9CE6 5 KB
755 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 01:24:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9CE6 11 KB
11 KB 36ms
12ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10940
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9CE6 13 KB
13 KB 138ms
115ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12997
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9CE6 10 KB
10 KB 107ms
84ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10144
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 084B 5 KB
755 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 01:34:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 084B 17 KB
17 KB 43ms
12ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16983
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 084B 16 KB
16 KB 43ms
13ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 084B 13 KB
13 KB 148ms
127ms Image
image/png 138.201.220.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13288
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9798 42 B
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5eVUTdSERGC8nXznXtEa5b6bU8gF5K0SQpdp2nb_zqUw1xNhAH2GbtjNT8CAVQww08y2DBEy5TYUaqUmZRFYeGbdf3fS3qOPu72IvgdegSkmrzcIKniVjTKRLG1MnapweMDMgluPsm0dJ&sai=AMfl-YQ51-s6XVTX9cMq3Pwy5YlObu25Gd8W95oCC-q24XpOiAxP4RfoMEYqCPKfEDG0J5gHalj8KHB6w_7GMY0x7qPsCFzJWmBY3fuzh7CIjblxSJSkrVC7v_NVAKs&sig=Cg0ArKJSzPGzFtvo6RmDEAE&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&id=lidar2&mcvt=1237&p=568,315,818,1285&mtos=1237,1237,1237,1237,1237&tos=1237,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=784015007&rs=4&la=1&cr=0&vs=4&r=v&rst=1698892019556&rpt=1823&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 699C 42 B
0 69ms
69ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLym19RkdESyftQiPVG4dGZBPUHQC7I20vqawFZDBHXDoaWvob_e4-gw7ja45IJYPlO729drMStB_FrYpCZ-OegCo-MpgQTjPpebNkfq2quuDEZigNGhAq0jyvR896fsIF2gHZkx5mvPiL&sai=AMfl-YSRbSlLN23b2S1lkzTCJBZGZQuc-ia4mWA-DI1LqgS9zeLXuO5fFNemVG0BnLyogIACEz4Ujb5G39vr1-FwLHKdMUC3fYAk9m_rmqmiXUaKw-n7BXtsNXx-El8&sig=Cg0ArKJSzOH96JSFP4VYEAE&cid=CAQSOwDICaaN1M7MyP1EVH71hMU25Ue1OuC_8dt5hcewxMs8o_78NUK2ie_mpV0cfC2JbXqZxR9Tm8bme_Q1GAE&id=lidar2&mcvt=1201&p=1110,436,1200,1164&mtos=1201,1201,1201,1201,1201&tos=1201,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2894485229&rs=4&la=0&cr=0&vs=4&r=v&rst=1698892019754&rpt=1681&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465
adservice.google.com/ddm/fls/z/ Frame 2BC6 42 B
107 B 101ms
53ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP6yjPyhpIIDFVmf_QcdERoGOw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1480808130354.465?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48
adservice.google.com/ddm/fls/z/ Frame C892 42 B
107 B 77ms
54ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO6yjPyhpIIDFWyW_QcdLHACxQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3719482425147.48?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33
adservice.google.com/ddm/fls/z/ Frame 6B32 42 B
401 B 73ms
51ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLiujPyhpIIDFQbBuwgd0fYJDQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6246371791277.33?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371
adservice.google.com/ddm/fls/z/ Frame BB12 42 B
107 B 59ms
53ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMzvjPyhpIIDFaXIuwgd5sAOyA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2678495253146.371?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js
cdn.retailads.net/ Frame 55D2 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3259432933
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ Frame 140E 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame 10DA 175 KB
62 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63960
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame 0215 175 KB
62 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63960
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame C081 175 KB
62 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63959
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame 1309 175 KB
62 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63959
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame CE51 175 KB
62 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63960
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame FBB2 175 KB
62 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63960
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:23:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Nov 2023 02:27:02 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D74B 0
104 B 114ms
21ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJkPIDN94UlJ8jlJyWaOIzI&google_cver=1&google_push=AXcoOmRFSl7qcllSyax2fGEqZFAV7KwXmXqH-IC-dM76plufi3AoqAXEzvbcpT78OoX38BSJoaY34Qjl2EEpYLCo49YEeyZMoKyZFA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D74B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVNSTlBQUFwZWhDMFFCaQ==&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmTid4OOvGKPKOXnW2CmDjeXqNnr9G...

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVNSTlBQUFwZWhDMFFCaQ==&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmTid4OOvGKPKOXnW2CmDjeXqNnr9GjQiqNsrJdvXZ2EL18xoXWA9QUhbwAyCbGXqEh_mMPixN3ERZ-M1j2WglsKrF2fUynV0g

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230139-FRA
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1698892023.960800,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVNSTlBQUFwZWhDMFFCaQ==&google_gid=CAESEKAhhMs_xua6HlniTM7zDSY&google_cver=1&google_push=AXcoOmTid4OOvGKPKOXnW2CmDjeXqNnr9GjQiqNsrJdvXZ2EL18xoXWA9QUhbwAyCbGXqEh_mMPixN3ERZ-M1j2WglsKrF2fUynV0g
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D74B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmTBdGSRI4-JoRnUqOCI6JykjqOCb8r096S376IGIGw1iY5WVBASjlLbwI7hn2hMyg_FigOSCqqtfqR4WpYhgZkzjSv...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTBdGSRI4-JoRnUqOCI6JykjqOCb8r096S376IGIGw1iY5WVBASjlLbwI7hn2hMyg_FigOSCqqtfqR4WpYhgZkzjSvngPGNpg

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTBdGSRI4-JoRnUqOCI6JykjqOCb8r096S376IGIGw1iY5WVBASjlLbwI7hn2hMyg_FigOSCqqtfqR4WpYhgZkzjSvngPGNpg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTBdGSRI4-JoRnUqOCI6JykjqOCb8r096S376IGIGw1iY5WVBASjlLbwI7hn2hMyg_FigOSCqqtfqR4WpYhgZkzjSvngPGNpg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame D74B 43 B
94 B 20ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmSudTl2KUD0tWSWH4CVbKFJAoqZZsNCy3WgQxvm1eb-owIWyNYPjmTSqVQIrvFFtpGFTbHSLbWJGbNbFBXDU8-otcLGNPwpBQ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

report
sync.teads.tv/um/ Frame D74B
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDVViVSMVxb-...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ8SvIXPihDvZ1cGKzXNYMAesXDFJm4S4uJ1AI9jTToW8BII-jL0VWuO4Vh7TyGpKGpAxqQjXW-fMACnrfqlCM8uNfzioVoGAM
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

33ms
32ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Thu, 02 Nov 2023 02:27:03 GMT
pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D74B
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTVWwVx9o52_...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTVWwVx9o52_Z_1x8soyf217rSgyQ...

170 B
188 B

22ms
22ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTVWwVx9o52_Z_1x8soyf217rSgyQukA8qp4QD168NdPVovr7c-NnhzUKLXJ5m0UzKAZF4FYLubt8yE4CPASuMUQad9RU4p8w

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
an-x-request-uuid: cd691bf2-f8b8-4311-9107-6b71f9a3379e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTVWwVx9o52_Z_1x8soyf217rSgyQukA8qp4QD168NdPVovr7c-NnhzUKLXJ5m0UzKAZF4FYLubt8yE4CPASuMUQad9RU4p8w
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame D74B 43 B
146 B 60ms
8ms Image
image/gif 35.157.81.215

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJmrEmJ8MBH2p04XL816mcU&google_cver=1&google_push=AXcoOmQ0YXlqPTlcC_3-xecBejOcjXFUAWCcL5DUPKsQhK5tZh1DNpZhSiQlatddSsTE-C6vCTvR6b-k_slulS794ECNNw1MiQqnxvU
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.81.215 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D74B 0
12 B 21ms
20ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoB334wPGqQ1J-QvUf0UyXNPl1Ppj7FHkuJqRrvjS2-_SHMGorTvhxAF5RSBYk4HRAnA0qCuJ0

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability
hal900013.redintelligence.net/ Frame 0EF3 0
0 39ms
15ms Script
text/html 116.202.48.214

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=21719500007608904444554012496013&a=4a609622&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=21719500007608904444554012496013&a=fc8976f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability
hal90006.redintelligence.net/ Frame 756D 0
0 38ms
14ms Script
text/html 138.201.63.164

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=60953600009174304444554012496006&a=81b89f4e&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/request_content.php?s=60953600009174304444554012496006&a=15c14179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 107D 0
103 B 90ms
21ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJkPIDN94UlJ8jlJyWaOIzI&google_cver=1&google_push=AXcoOmS2XbsWMoy94QL7tp9pwQlXcc_6LmTSrEiZjtLfNdSrmxdHXQqoupdqjsa0Dx1jlHfLOFXKdNA_iZLT5YScW3KsAj0AB4eN
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3 200 i.match
a.tribalfusion.com/ Frame 107D 43 B
612 B 172ms
170ms Image
image/gif 2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmTRM5UVE3tFDgwB0fPEb7uE8prx0W9UrgZzVw_Bo6kG6CnIiXKrTZGXIvpr17qfTYfneidBxZg3lhJYBLoi-zET9SymgbeCkg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRM5UVE3tFDgwB0fPEb7uE8prx0W9UrgZzVw_Bo6kG6CnIiXKrTZGXIvpr17qfTYfneidBxZg3lhJYBLoi-zET9SymgbeCkg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f8efa7ae384d49-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 107D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmRqTPRV37mtaX_Pl-Lhy0UQBCx5oWWjxF-rCU7UbGZsvZjnIc3AlJeX_JIeLSWs2hUn9GoSciEYff4...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRqTPRV37mtaX_Pl-Lhy0UQBCx5oWWjxF-rCU7UbGZsvZjnIc3AlJeX_JIeLSWs2hUn9GoSciEYff40wXzwhyk7j55lyPzp&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRqTPRV37mtaX_Pl-Lhy0UQBCx5oWWjxF-rCU7UbGZsvZjnIc3AlJeX_JIeLSWs2hUn9GoSciEYff40wXzwhyk7j55lyPzp&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRqTPRV37mtaX_Pl-Lhy0UQBCx5oWWjxF-rCU7UbGZsvZjnIc3AlJeX_JIeLSWs2hUn9GoSciEYff40wXzwhyk7j55lyPzp&google_hm=EKPEb76ZSamkxDtyjWzSQ4s
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 107D
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMN5sPYdW-8cI3cA18nDvd4&google_cver=1&google_push=AXcoOmSmbxCArA-I7SWs2LZub5DLg-9JLSpr_6qB8LrbUj2TU6HWkOG1fnJJHPWDz0PhsWgud9JI5KA_B9aKhF...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmbxCArA-I7SWs2LZub5DLg-9JLSpr_6qB8LrbUj2TU6HWkOG1fnJJHPWDz0PhsWgud9JI5KA_B9aKhFAsY-cosfRWqbyiWg&google_hm=hmVDCPSD4NwQcUx...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmbxCArA-I7SWs2LZub5DLg-9JLSpr_6qB8LrbUj2TU6HWkOG1fnJJHPWDz0PhsWgud9JI5KA_B9aKhFAsY-cosfRWqbyiWg&google_hm=hmVDCPSD4NwQcUxtlg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D654308F483E0DC10714C6D96BLIS

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSmbxCArA-I7SWs2LZub5DLg-9JLSpr_6qB8LrbUj2TU6HWkOG1fnJJHPWDz0PhsWgud9JI5KA_B9aKhFAsY-cosfRWqbyiWg&google_hm=hmVDCPSD4NwQcUxtlg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D654308F483E0DC10714C6D96BLIS
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 107D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPOB_M908T5l_JAolZnhnn4&google_cver=1&google_push=AXcoOmTZg1C4dnQp-ATnwBWqMcl8SLHt76EU2RllEptou-XiaXyGvQ2Hm1Q3yOFnF5dOIDCwokTWgBSL7OLNSQUAJVR_yOP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZg1C4dnQp-ATnwBWqMcl8SLHt76EU2RllEptou-XiaXyGvQ2Hm1Q3yOFnF5dOIDCwokTWgBSL7OLNSQUAJVR_yOPh5qLdTg&google_hm=eS1ycEJQX2h0RTJwR3ps...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZg1C4dnQp-ATnwBWqMcl8SLHt76EU2RllEptou-XiaXyGvQ2Hm1Q3yOFnF5dOIDCwokTWgBSL7OLNSQUAJVR_yOPh5qLdTg&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 2
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZg1C4dnQp-ATnwBWqMcl8SLHt76EU2RllEptou-XiaXyGvQ2Hm1Q3yOFnF5dOIDCwokTWgBSL7OLNSQUAJVR_yOPh5qLdTg&google_hm=eS1ycEJQX2h0RTJwR3psMHltNWxQRU1DVHhiX0V5MkRwS35B
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame 107D 43 B
58 B 20ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmTzg80cfnJsK_GlDG66ONawUTlHxYuYVWBzNG_IVZZ1ZTgl_ZbBkqb1Dl2I0wOHkAZ_s6zaf3xv5nSW8bP1Cgbb-_U4E5FZ
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 107D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmT1FlND5MTbs...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmT1FlND5MTbswNKR9jesYfx54uPNZ...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmT1FlND5MTbswNKR9jesYfx54uPNZ4s2YfsWw9N9WIBsCPsGpAvlcrCqVycvGRbhn4skwFlFt2O8-n1_-E5Zjnk0cyCrS8xPA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
an-x-request-uuid: c4fab69a-7e49-4951-aa6d-fae28f473496
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmT1FlND5MTbswNKR9jesYfx54uPNZ4s2YfsWw9N9WIBsCPsGpAvlcrCqVycvGRbhn4skwFlFt2O8-n1_-E5Zjnk0cyCrS8xPA
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 107D 0
12 B 23ms
21ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lbvu0fIK7ARus9GrFTeRo4enmVFfDPgTHs6RfbX6wG1hXTGLQ8O0DuqxDvVp7zk0WkR33v8g

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pvClk.min.js
analytics.webgains.io/ Frame 0A60 53 KB
0 92ms
33ms Script
application/javascript 108.138.36.15

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=21719500007608904444554012496013&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.15 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:34:18 GMT
content-encoding: gzip
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
last-modified: Fri, 20 Oct 2023 11:11:17 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 71565
x-amz-server-side-encryption: AES256
etag: W/"0ae4c707fb82279f376a21c2c459fbfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BOtH7zwkuP9cWDOlzM3pJVH9AvuF_HNhZ7XVaQuqQsHV7LmgR2wY9A==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 0A60 85 B
437 B 83ms
3ms Image
image/gif 108.138.36.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1698892322&Signature=VWfDD8CHr6E1YSkB-5N3~FP2UYtDvZ4hGh9HWZKf~13ULgtjkVS3aC0-qmqECpw7Q3TpjvlHrowWP9gevrnKX3lJ5jPzNiQDFphX1wDreNfn2AdcuMvZoutYOfRez0yvzvXoAJsx9zIi~9tz5spof1tV8wM-pmn-2sWOA28l9QJ1O4mBQvZGba-rfMAZ0GmDMfWenOv9fD9-pRjn3CUvz6UOaWyyk6Pi0Y~PlBvt9cSJ9iQPXROd9mFBt49LRDbzFYscsVbbCzGfYcvUNsos2FIUYQD1SKsucWE8m~wo4XlOyHC0BY3LIIlOkBha7CgGwsT80PNtAhKuxeNVAv1RAA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 01 Nov 2023 08:31:41 GMT
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 77127
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: fx5bDU0KcWBlrjg3NiPn0-VUQMx5F-ccJ4kNBwgWPC6pXKxyum9hWw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 20ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E05ZNEGCY2&gtm=45je3au1v9105768570&_p=1560177745&gcd=11l1l1l1l1&cid=898812799.1698892018&ul=en-us&sr=1600x1200&_s=2&sid=1698892017&sct=1&seg=0&dl=http%3A%2F%2Fuploads.jovemnerd.com.br%2F&dt=Jovem%20Nerd%20-%20Not%C3%ADcias%20sobre%20filmes%2C%20s%C3%A9ries%2C%20HQs%2C%20games%2C%20animes%2C%20ci%C3%AAncia%2C%20tecnologia%20e%20humor%2C%20porque%20rir%20n%C3%A3o%20faz%20mal%20a%20ningu%C3%A9m!&en=bg_banner_ad_impression&_ee=1&ep.banner_name=Intel%20Dia%20da%20Toalha&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E05ZNEGCY2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://uploads.jovemnerd.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uploads.jovemnerd.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability
hal900015.redintelligence.net/ Frame 9CE6 0
0 42ms
16ms Script
text/html 138.201.135.164

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=44808800008719904444554012496015&a=37ca71a8&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=44808800008719904444554012496015&a=437f7b6c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3046
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRb8eYkbGupCdO809Y5wVVXjKW8qFqLNgkZprK1fit...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRb8eYkbGupCdO809Y5wVVXjKW8qFqLNgkZprK1fit8UeNbeUVLdfx26AkSvG03Xug69j_KAE645RP91G_rWVWh5MvExfsNaA

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Nov 2023 02:27:02 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-0237fe7a9d585a71c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V1VraEdITmwxUVlucWM1&google_gid=CAESEMrxffhjew60Jp4IVOckJB4&google_cver=1&google_push=AXcoOmRb8eYkbGupCdO809Y5wVVXjKW8qFqLNgkZprK1fit8UeNbeUVLdfx26AkSvG03Xug69j_KAE645RP91G_rWVWh5MvExfsNaA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 3046 43 B
573 B 165ms
162ms Image
image/gif 2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwO_i7mWdvkeS1omsJ8RJY&google_cver=1&google_push=AXcoOmS0B2YGEMprN-RIBgSS3nze9zvma481B0tUw5KKpE7jbmX3JNTeXiXcaImhyjGrwDZJm1amjnM3AtX3K2fA2oXj1uS_6Ant&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS0B2YGEMprN-RIBgSS3nze9zvma481B0tUw5KKpE7jbmX3JNTeXiXcaImhyjGrwDZJm1amjnM3AtX3K2fA2oXj1uS_6Ant%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81f8efa81e674d49-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3046
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENPsAnkr7bIpLGuSml0Z6H4&google_cver=1&google_push=AXcoOmSwyOVElD4_AJKT5yI2xbcSvct3yxMoYjRLPGEm3DxAwyGjNWLogq4ichkat2shHzxJKZlM3EOm9LD...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwyOVElD4_AJKT5yI2xbcSvct3yxMoYjRLPGEm3DxAwyGjNWLogq4ichkat2shHzxJKZlM3EOm9LDib6z06fkwT7FJ7WhMXA&google_hm=EKPEb76ZSamkxDtyjW...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwyOVElD4_AJKT5yI2xbcSvct3yxMoYjRLPGEm3DxAwyGjNWLogq4ichkat2shHzxJKZlM3EOm9LDib6z06fkwT7FJ7WhMXA&google_hm=EKPEb76ZSamkxDtyjWzSQ4s

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:02 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSwyOVElD4_AJKT5yI2xbcSvct3yxMoYjRLPGEm3DxAwyGjNWLogq4ichkat2shHzxJKZlM3EOm9LDib6z06fkwT7FJ7WhMXA&google_hm=EKPEb76ZSamkxDtyjWzSQ4s
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3046
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGVFAHdczn3AdtX_ImvnD0Y&google_cver=1&google_push=AXcoOmSaWnUj8PCCEVpYGT0AEa95jH5s-SVaeTNGR8fcIKlyJW3n0E9fiVcQQDvBPZ4Px0Ej-AkOj4MPJMPRqWRCXEAERIu...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSaWnUj8PCCEVpYGT0AEa95jH5s-SVaeTNGR8fcIKlyJW3n0E9fiVcQQDvBPZ4Px0Ej-AkOj4MPJMPRqWRCXEAERIupXfNHWw

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSaWnUj8PCCEVpYGT0AEa95jH5s-SVaeTNGR8fcIKlyJW3n0E9fiVcQQDvBPZ4Px0Ej-AkOj4MPJMPRqWRCXEAERIupXfNHWw

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSaWnUj8PCCEVpYGT0AEa95jH5s-SVaeTNGR8fcIKlyJW3n0E9fiVcQQDvBPZ4Px0Ej-AkOj4MPJMPRqWRCXEAERIupXfNHWw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3046
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA_HGm14_k66fX_HmA8Nz7Y&google_cver=1&google_push=AXcoOmTihJVL54SjDwVCNQmhsVSpCkpKDOXFhKiQS4ZbOg6YNQdiHvxQIJ3e1mg9pkA66QDlUYBXKGpy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmTihJVL54SjDwVCNQmhsVSpCkpKDOXFhKiQS4ZbOg6YNQdiHvxQIJ3e1mg9pkA66QDlUYBXKG...

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmTihJVL54SjDwVCNQmhsVSpCkpKDOXFhKiQS4ZbOg6YNQdiHvxQIJ3e1mg9pkA66QDlUYBXKGpyNa_zkamiU-FjhjQnhIqP

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQzMTIzMDE0NjMwOTMwMjY5Mw&google_push=AXcoOmTihJVL54SjDwVCNQmhsVSpCkpKDOXFhKiQS4ZbOg6YNQdiHvxQIJ3e1mg9pkA66QDlUYBXKGpyNa_zkamiU-FjhjQnhIqP
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 3046 43 B
58 B 21ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmShkTK6zVFZJtxfQwkWDOzvWugmVQUVbeBlfND5txguDba1PzeTrpVO_XM5XIhRhW23V9U_o8xKpoCrjjSVpSZQ1BeR-pRrKw
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3046
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSmoOOL6E-KPt8hRH0NlIkVPtz1FKIgE-F-vlK350ko0ZSm6wW3EG9ZjBWpNspXpwdPiJH37pSL2x7jHdEQbk4bxn7CQd3WXQ

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XlBxtpTfSUGi1YvVVWbzAw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSmoOOL6E-KPt8hRH0NlIkVPtz1FKIgE-F-vlK350ko0ZSm6wW3EG9ZjBWpNspXpwdPiJH37pSL2x7jHdEQbk4bxn7CQd3WXQ
date: Thu, 02 Nov 2023 02:27:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3046 0
12 B 23ms
20ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGwQxSgcEFSKFnM97S3oEOgApz6azdN7hbS0ye21OtSZxwExfV3xTdUvro7nWFHjsa1rDi

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pvClk.min.js
analytics.webgains.io/ Frame DB6A 53 KB
0 76ms
26ms Script
application/javascript 108.138.36.15

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=83177400007497004444554012496011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.15 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:34:18 GMT
content-encoding: gzip
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
last-modified: Fri, 20 Oct 2023 11:11:17 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 71565
x-amz-server-side-encryption: AES256
etag: W/"0ae4c707fb82279f376a21c2c459fbfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xOD6N5b7doMS0WytcOd6AH-bf_4SkUuAKUTvyYX-uIaieeAZFfBaGw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame DB6A 3 KB
3 KB 73ms
2ms Image
image/png 108.138.36.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1698892322&Signature=RPsQb8gXuDr~QrPcLBm~hEmHVchRcJAUD7noqUZgQxrfB4zTxEdZaARF8SH0aEPz89xtyylaZYPVJ5U3Pk6AXkMCMTq-ZY45fzJgAXsjptIoxYwGYGcQd~ZQLJkIJ9UYVA73cVqGuRsofjnFFLou5Y6zdfjtGgmyMxqqhsycfe491ITgy5tiXfOH7zA-dXVC~63acJSGy0x6GyKlLsmjpcDK6nHvjolX8S0nILloHGhnalYJiXxAAr1skuyb1nf1z8L1s0RuV7D7Pk4cagYQIycD-8Iz4b4lFUybF9BEq~dcsEk~BSp9DZvY3PRIPWC4-YOWTLdwkDVG-mXLzo7fyw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:06:30 GMT
x-amz-version-id: null
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 76834
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: tdamlXOiH-IQsNagt_ClAVsCnwRz2_c_TDxp0kzMc33U_T6S4jNRGw==

GET
H2 200 pvClk.min.js
analytics.webgains.io/ Frame 3A20 53 KB
0 69ms
20ms Script
application/javascript 108.138.36.15

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=60953600009174304444554012496006&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.15 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:34:18 GMT
content-encoding: gzip
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
last-modified: Fri, 20 Oct 2023 11:11:17 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 71565
x-amz-server-side-encryption: AES256
etag: W/"0ae4c707fb82279f376a21c2c459fbfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pGkSYHsAVfgMgsHu76U8jCgekCnJhktMm83MB_lyh__CHyJ4GPsXgQ==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 3A20 3 KB
3 KB 73ms
2ms Image
image/png 108.138.36.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1698892322&Signature=RPsQb8gXuDr~QrPcLBm~hEmHVchRcJAUD7noqUZgQxrfB4zTxEdZaARF8SH0aEPz89xtyylaZYPVJ5U3Pk6AXkMCMTq-ZY45fzJgAXsjptIoxYwGYGcQd~ZQLJkIJ9UYVA73cVqGuRsofjnFFLou5Y6zdfjtGgmyMxqqhsycfe491ITgy5tiXfOH7zA-dXVC~63acJSGy0x6GyKlLsmjpcDK6nHvjolX8S0nILloHGhnalYJiXxAAr1skuyb1nf1z8L1s0RuV7D7Pk4cagYQIycD-8Iz4b4lFUybF9BEq~dcsEk~BSp9DZvY3PRIPWC4-YOWTLdwkDVG-mXLzo7fyw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=60953600009174304444554012496006&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:06:30 GMT
x-amz-version-id: null
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 76834
etag: "4e57de0506fbdb487ffcd53b450caee1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: cHx2pAbgVf7fFW87YAk7Qvwd2u6fMLds3vdyR3lQMFzCtBjuIV2buA==

GET
H/1.1 200
OK viewability
hal900011.redintelligence.net/ Frame 084B 0
0 45ms
20ms Script
text/html 138.201.64.38

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=83177400007497004444554012496011&a=38e2e90b&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=83177400007497004444554012496011&a=ed1af16f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 02:27:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AAFA 70 B
148 B 52ms
50ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENmsdv_VFLHf3Qt7lNbH3TI&google_cver=1&google_push=AXcoOmRhhIcUqJKgUsQ4cBRDMbPeJb1hoAkSa8Z15_3HytDkx1Mjk2Jl0af1t6TI7FdJOfE5bkiy89b9Ddu1KDNVG9BX31-7UxqOwA
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:03 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAFA
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPnvV-Aa0zqoGAX83iybRoQ&google_cver=1&google_push=AXcoOmQ3wNUGf3iYNIyK27atL3ABuWr0kAi7b--1R3tJhTyZMiMMr_uwYNAip2-ZhhB0bJzGtBHQyFbxhxslwCAt...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQ3wNUGf3iYNIyK27atL3ABuWr0kAi7b--1R3tJhTyZMiMMr_uwYNAip2-ZhhB0bJzGtBHQyFbxhxslwCAtUjJkb-YvV4Z_Jg

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQ3wNUGf3iYNIyK27atL3ABuWr0kAi7b--1R3tJhTyZMiMMr_uwYNAip2-ZhhB0bJzGtBHQyFbxhxslwCAtUjJkb-YvV4Z_Jg

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Nov 2023 02:27:03 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uuIXVR-tQvAg09JmZ6QWxQ&google_push=AXcoOmQ3wNUGf3iYNIyK27atL3ABuWr0kAi7b--1R3tJhTyZMiMMr_uwYNAip2-ZhhB0bJzGtBHQyFbxhxslwCAtUjJkb-YvV4Z_Jg
x-host: tde-deliveryengine-production-5597b7478c-7tvzx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame AAFA 43 B
58 B 20ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECnCpNtPL8nwERfajxa5T-8&google_cver=1&google_push=AXcoOmTkoVZdB-LQeruk-ADRMt5zdWuKM6wjalD2i1rX53sCgChY3ZfnbRgvsmam73xQUyGvbicfLqgU6Zx8u-JiX4LGqT-cOa_Rww
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 ebda
match.360yield.com/match/ Frame AAFA 43 B
198 B 32ms
30ms Image
image/gif 52.51.19.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEEmxzZ3ZiQtPa3zRSYINoWU&google_cver=1&google_push=AXcoOmS2IodCJ4CSsyUah8a6KZJ_dRazUW6rAnDDhQXo4d_ulY4yO7J05BNTtiuCyL0GpSb4VSYpXaUUpDeb3S-k_mQMhllkqe3N
Requested by: Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.19.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-19-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Nov 2023 02:27:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/ Frame AAFA
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO-78qtRFlWxhy9vZvibna4&google_cver=1&google_push=AXcoOmSXHtEoQTZpUk6dJ9ha8aeGD1lvzpespCcz6eZTXbDCuaMGSpGa0AQ3NTBgjHVSy-tgCq3KFsULzhL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSXHtEoQTZpUk6dJ9ha8aeGD1lvzpespCcz6eZTXbDCuaMGSpGa0AQ3NTBgjHVSy-tgCq3KFsULzhL8eaRTLE2tYjSoVbfwNOI
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

17ms
16ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAFA
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTvxOvX0CXaa...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTvxOvX0CXaasxQva-ljzxI8F9gY_...

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTvxOvX0CXaasxQva-ljzxI8F9gY_BKIM4Gb_084I0FIF1LjS9RwPObU5GEjj0p5r5vDi5sZluiuRTAapHtpDrLy0CpJx2306w

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
an-x-request-uuid: 389738af-4add-45d1-a073-857b32d5ebc4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTQ0OTgxODk1MzU1OTQwODU0NA%3D%3D&google_gid=CAESEHBty3-EkGTjSFE2M-XMXUU&google_cver=1&google_push=AXcoOmTvxOvX0CXaasxQva-ljzxI8F9gY_BKIM4Gb_084I0FIF1LjS9RwPObU5GEjj0p5r5vDi5sZluiuRTAapHtpDrLy0CpJx2306w
x-proxy-origin: 178.162.209.139; 178.162.209.139; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAFA
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTgE7ViYwfltdTx8SSd-9A9jSCkbgU5Ac-gx_1vXwP7pjHWwhr-JMIJTG6QTICJ6Ks-_8WBwX74bK_5n-rneZHpF0gzHC32HyM&gdpr=${GDPR}

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=7c42fc48-e8ca-4cf8-a5c9-02d716a9f805&google_cver=1&google_gid=CAESEGAlUpvbKHT1T-bhAYvRM_4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTgE7ViYwfltdTx8SSd-9A9jSCkbgU5Ac-gx_1vXwP7pjHWwhr-JMIJTG6QTICJ6Ks-_8WBwX74bK_5n-rneZHpF0gzHC32HyM&gdpr=${GDPR}
date: Thu, 02 Nov 2023 02:27:03 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AAFA 0
12 B 22ms
21ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCkGtAj8xsaVaS3npe_Z41fx7Qnstw7ZQbE8fWvaBhXHhc68RrI954Y5_zVCRSoaEvhFQ1t9OT

Requested by

Host: 6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
URL: https://6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 02:27:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Regular.woff2

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Medium.woff2

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-MediumItalic.woff2

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Bold.woff2

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/icomoon.ttf?8nvpt0

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Regular.woff

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Bold.woff

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-MediumItalic.woff

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/icomoon.woff?8nvpt0

Domain: uploads.jovemnerd.com.br
URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Medium.woff

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEClRY0KW0zTe17EsCxrejvY&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: pb.media01.eu
URL: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=25986900007521004444554012496018&actionid=879111&produktid=ratenkredit&dt_url=

Domain: pb.media01.eu
URL: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52953800010890504444554012496026&actionid=879111&produktid=ratenkredit&dt_url=

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jovemnerd.com.br/	1970-01-20 15:56:18	Name: _gid Value: GA1.3.1103119683.1698892018
.jovemnerd.com.br/	1970-01-20 15:54:52	Name: _gat_gtag_UA_98571_1 Value: 1
.jovemnerd.com.br/	1970-01-21 01:30:52	Name: _ga Value: GA1.1.898812799.1698892018
.jovemnerd.com.br/	1970-01-21 01:30:52	Name: _ga_E05ZNEGCY2 Value: GS1.1.1698892017.1.0.1698892017.60.0.0
.jovemnerd.com.br/	1970-01-21 01:16:28	Name: __gads Value: ID=1a5d2bd70d94c965-22da8aea22e300d8:T=1698892017:RT=1698892017:S=ALNI_MZrWdQW5g2f3vileHmHLiJiKKSCTA
.jovemnerd.com.br/	1970-01-21 01:16:28	Name: __gpi Value: UID=00000cb10c1af8fc:T=1698892017:RT=1698892017:S=ALNI_MbOnnJikV9R1JBguT-Hc8ygPr4SSQ
.doubleclick.net/	1970-01-21 01:16:28	Name: IDE Value: AHWqTUmVL_rhNFe_-uwsIS1K-5Fdtr4w1VsMrcOhOw5QhTGQRar0jtXdckoYG6H3KTY
.doubleclick.net/	1970-01-20 20:14:04	Name: APC Value: AfxxVi5MKY5lkfb8K8ap7_GUkfqcsaVqWKQ5GSt_nvX8h1jGJr3p-w
.bing.com/	1970-01-21 01:16:28	Name: MUID Value: 0EE90D0A75F669DE0AEC1EB7745A6899
.3lift.com/	1970-01-20 18:04:28	Name: tluid Value: 2424016538087518928604
.quantserve.com/	1970-01-20 18:04:28	Name: d Value: EBgBCQGqKoEA
.quantserve.com/	1970-01-21 01:25:06	Name: mc Value: 654308f4-b39ce-1e42e-884a8
.turn.com/	1970-01-20 20:14:04	Name: uid Value: 9127958859533992868
.pubmatic.com/	1970-01-20 15:56:18	Name: KTPCACOOKIE Value: YES
.adnxs.com/	1970-01-20 18:04:28	Name: uuid2 Value: 5449818953559408544
.w55c.net/	1970-01-21 01:25:06	Name: wfivefivec Value: WUkhGHNl1QYnqc5
.w55c.net/	1970-01-20 16:38:04	Name: matchgoogle Value: 5
.csync.loopme.me/	1970-01-20 18:07:20	Name: viewer_token Value: 7c42fc48-e8ca-4cf8-a5c9-02d716a9f805
.ctnsnet.com/	1970-01-21 00:40:28	Name: gid_CAESENPsAnkr7bIpLGuSml0Z6H4 Value: 1
.ctnsnet.com/	1970-01-21 00:40:28	Name: cid_21fb6b728f27484c8b283ca263f37ccd Value: 1
.ctnsnet.com/	1970-01-21 00:40:28	Name: cid_10a3c46fbe9949a9a4c43b728d6cd243 Value: 1
.simpli.fi/	1970-01-21 00:41:54	Name: suid Value: 6AD8E9AF559D4DF99411ED3502FA1E63
.blismedia.com/	1970-01-21 00:40:32	Name: b Value: 654308F483E0DC10714C6D96BLIS
.casalemedia.com/	1970-01-21 00:40:28	Name: CMID Value: ZUMI9BC7UZX9RxHRzjNdoQAA
.casalemedia.com/	1970-01-20 18:04:28	Name: CMPS Value: 5142
.casalemedia.com/	1970-01-20 18:04:28	Name: CMPRO Value: 5142
.adform.net/	1970-01-20 16:38:04	Name: C Value: 1
.travelaudience.com/	1970-01-21 01:25:06	Name: _tracker Value: %7B%22UUID%22%3A%22BAE21755-1FAD-42F0-20D3-D26667A416C5%22%7D
.de17a.com/	1970-01-21 00:33:16	Name: guid Value: 1.3901878915711697307
.pubmatic.com/	1970-01-21 00:40:28	Name: KADUSERCOOKIE Value: 5E5071B6-94DF-4941-A2D5-8BD55566F303
.adnxs.com/	1970-01-20 18:04:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_sZjya!]tbPl1M>e)ZlrFUfJ+tGXvX+]0sR=HMs6p^xIBdA1760=4qi#X^UsR7ki6abpRzqF1`*b_CN)zFvR
.1rx.io/	1970-01-21 00:40:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f783e1d3-9223-451b-909f-ba8175a84914-003%22%7D
.adform.net/	1970-01-20 17:21:16	Name: uid Value: 6431230146309302693
.everesttech.net/	1970-01-21 00:40:28	Name: everest_g_v2 Value: g_surferid~ZUMI9AAApehC0QBi
.targeting.unrulymedia.com/	1970-01-21 00:40:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f783e1d3-9223-451b-909f-ba8175a84914-003%22%7D
.doubleclick.net/	1970-01-20 16:38:04	Name: ar_debug Value: 1
.lijit.com/	1970-01-21 00:40:28	Name: ljt_reader Value: HlizuGZHKo5w2VaUQ1afSrYh
.yahoo.com/	1970-01-21 00:40:49	Name: A3 Value: d=AQABBPUIQ2UCECgM9UiIF0ByjZjR42pX4A0FEgEBAQFaRGVMZQAAAAAA_eMAAA&S=AQAAAvMfClCO5LF6RpJb1ac6poQ
.tribalfusion.com/	1970-01-20 18:04:28	Name: ANON_ID Value: aLnoeUpkijsDifqGdSFFZcYBFJmRsMZcBqkYZcB6p20

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://uploads.jovemnerd.com.br/(Line 2301) Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Regular.woff2' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Bold.woff2' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-MediumItalic.woff2' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-MediumItalic.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/icomoon.ttf?8nvpt0' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/icomoon.ttf?8nvpt0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Medium.woff2' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Regular.woff' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Bold.woff' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-MediumItalic.woff' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-MediumItalic.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/icomoon.woff?8nvpt0' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/icon/icomoon.woff?8nvpt0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://uploads.jovemnerd.com.br/ Message: Access to font at 'https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Medium.woff' from origin 'http://uploads.jovemnerd.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uploads.jovemnerd.com.br/wp-content/themes/jovem-nerd-v9/assets/fonts/Inter-Medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEClRY0KW0zTe17EsCxrejvY&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
6fa8348aff60c94aaf38576cbafbe5eb.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.travelaudience.com
adsdk.microsoft.com
adservice.google.com
adv.office-partner.de
ams3-ib.adnxs.com
analytics.webgains.io
ap.lijit.com
c1.adform.net
cdn.adnxs.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
hal900013.redintelligence.net
hal900015.redintelligence.net
hal900018.redintelligence.net
hal900026.redintelligence.net
hal90005.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
jovemnerd.com.br
match.360yield.com
match.adsrvr.org
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s.w.org
s0.2mdn.net
s3-sa-east-1.amazonaws.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t23.intelliad.de
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
uploads.jovemnerd.com.br
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.bing.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
pb.media01.eu
sync.search.spotxchange.com
uploads.jovemnerd.com.br
104.18.36.155
108.138.36.15
108.138.36.21
116.202.48.214
13.248.245.213
13.42.240.154
138.201.135.164
138.201.220.30
138.201.63.164
138.201.63.165
138.201.64.38
138.201.84.244
141.101.90.96
142.250.184.194
142.250.185.102
142.250.186.134
142.250.186.66
144.76.91.199
145.239.193.130
151.101.193.108
151.101.194.49
172.64.151.101
178.250.1.9
179.191.182.65
18.196.149.165
185.86.138.154
185.86.139.103
185.89.210.101
185.89.210.153
192.0.77.48
198.47.127.19
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.183
216.52.2.30
23.212.218.19
23.32.185.35
2600:9000:211e:8200:1b:5138:8a40:93a1
2600:9000:2644:5000:10:4d98:7a80:93a1
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:bdf::45
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2006
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:400c:c03::9b
2a01:4f8:d0a:2321::2
2a02:26f0:480:22::1726:62d3
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:b2f6:43fb:c655:2341
2a0b:4d07:101::1
3.124.138.165
3.33.220.150
3.71.149.231
34.96.105.8
34.98.64.218
35.157.81.215
35.186.193.173
35.190.0.66
35.204.158.49
35.214.204.76
35.227.252.103
37.157.6.237
46.228.174.117
49.12.22.42
51.89.9.254
52.51.19.88
52.95.164.120
69.173.144.165
88.198.250.30
94.23.99.218
98.98.134.241
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
01a343b1f563cd8e88b26f9306f8ede3c1579e07460dfa7ea0f9d8752b080a1a
0243ee50ea8323befce817680447c3895ce4b340b5c3b146aabd1c87c88433d4
03dff9f7e28610d42451f69253234f09df0199d2518ab586a1d413132703613a
03f326a65bf8ae174dc32775ddfa5cc8b04e321a9775320b5b3f6660b86a4ce2
043de35f6e87c2e4cb2397d5f4b2b20090bdfafc8926388bcb979d755b390e20
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
05a74a234f84eb6d21bc3c9e33182fa4175a392b4f903f47ce12fe86dde93211
0742ab5172112400e99c4fa095f4c8d6e7182c6fc7c73ce98829edff677a7b1f
0765771a3572d1beada5a5a859c8ad592a7ef1b315d2c547ad6b429cd213ab33
07f20df7f2b44c6077f9ca789f2852ab1e5ccb47e6a575ac3cd00079bd71b24f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99
0f61bca281d4dc1ac70c21fb71708e39da7947085ef38868e92e7b37ab0f3db9
13204ba3da1e1c19ed7b897eeac7632c87005300ead1006e4458f078f2c3d397
151fd429a1dc2cb40ef9f5503d862bc022af3bb4583e705f91edbac953a2f569
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1839b91597c342a4fb450a80cc7bd9414fc31b0ece6e0ac74d4fae85b9dfb787
187e45f7e3b6fc724eef38f521fe9cfb03df474846d2d51e2b5159869c571649
1a0f044b200549f61b2790fd3e647429dd16b13a0484eb7de82f3b71b2f49d5a
1b54b70b5efdba080484ba57b3431cd51da51ca59d09f24777294cb5a83bafa1
1baa480e68f462ca11df407d0a753f4341e51f836133a24af059fd7c8642b117
1ceba7dd05af41e515059fbeb452b1c3579763ed6c65af09085bb7b44834d71a
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1f6f0b50d1257fe9524adef597c812102814062c5037f75c796c013e7f4b5ba6
1f822d21a58289d261181e07e4d6d142ee7993259b2f5ccbdb21b160cbcc40fe
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
253907f2b612b3496b25305cddb8eb331bf64c23148785f003fd12f71400a1ac
255d84ce41693224c7f3140a5b5a71396320ddcc29dee669e15d3c1b2793f79f
2721a291a3e64e47686d408aee3db7fe7a4e473d26f1b545adc0b08fdc61fcb7
29664cfe791ce4b14d4a94be833a1cac6ad064bd0f44e8a716f1d611bb7304f6
29730315cdd4949c09e77f318112d604b26c50a61df252e6eef9fe767bfdd486
2a21999c5642d2e15a6c8278fd60e87969561e3c2ac29254e637063a125d973e
2aec5466d16e21e45c9c419e1a45bd579e0e99ae503b8a7c150bbc1f1781aca3
2dd68096493f4b5850542586ea563d0de9210ec72618647818dbeaf79c7876ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
315dc63217adb8880e0b6213d4d5ec39843826d96f1634ed59dace5e8512dbda
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
359cccf07b0002d9ab019f89d49712716882ffbe0b56bfa835f5a305069ed13e
371aef7e4ae0e93352d9d3f1eaea36e53a90307b0ccbf5a7b1bbf90aedebb98b
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38978bfaa7ced302fe1de9c5df94bbf14fb5e87545602a1a0a42ec9d3d391b13
39e537a2e24252a9277d5c712181b56384d4276bdd4a90eeac43749f65e72ced
3b467ae82504fcf95b465da7b140d74e9f89e4052b6565e0b65653aa4f9d7ea3
3b6f591a9ab6f3924fe3f9f36183f4b33cefd4ff276d6d5cc053d34093abeeeb
3b9ac11a1715a41e95ae26019753f0a8ae52ad14656d647054c4e70571681329
3c1b07d95cf7394a1fa6939b668939850a528144c4b330baa57cf3e9bccd3e7c
3c6f2f0602a218e0c6d67f9212c4c73094d8cc03e0883f25259bbb821c926745
407639df0ffaa2baf7b5febb8a5ca94bb23d37d80960e8643b98fdc9981607e1
419344d70a3008933b8340edb25f62884ddd07b012fe1f5a2183220fe8a1e5a1
41fc6c30fdbd9782bc0333aa22e268db8927eb2e40f2b5060552b47026824a2b
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
444a576f1111762fe24ea07fe7acdd672bc13f1f991a64811ae92c9654ab6e0d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47ca9983c13cabcf926ba237ae839f6371115105e7efd59d78208c6ea32d1a71
486ea7c1c8c7b29342058343e0aef7890e0720eef098f9adc468599f8e6222a4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d478cdffc1abe3d19cf652ab20ff7df09a160ce28954967efa30e6155ec79ef
4daa3dfdea734cc54404aaf6b6015b01e558f9f6b3912498d6d97db60d297598
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef294ec532a97878fa14b7eb2e00191c7766b659c08720890a660eaf6afbf51
50bfed1836335035a3024e0258e2f4adc49b46c13f38032b74ec626c9fca81fb
521df494755beb0c114f3f1c8f301f9e629b8825f6e99713da6e5e8aedd98f83
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aea8309090c3158b82809c83d6510fd2a7e4e5374e8970208396aaed3971bb
594601467b6f9391f7ce920068afa693f7dd865f99144a1c05d3ce20a03c1e78
5a79c650e527667f5b5ba1d73cdcdfbce80004a5709862f8f27ed3695c00612b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5d8c45abdfd793b99478ee66d7ff352866b9a3cc69883cb3830f2e5923334576
6145a322af6ac42116785ce0267857aeba0fa9552d87b5a8b5b155344c61f48d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
64628281ba1370a8323eb1423e4e3a255cc7d8210aeee6aa4d05aa32111002bb
66933e29741fa102aa003cab07f97c245a777b7229bceda50adefd9092452479
6b103899bf4c7fa95c4f3f74d74eebe8c244753eefe7e1a1c309e0deffd21f72
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
72d99db5b8dd5e243a6204387e411faa73f4c793b83b848ee99f1bdf3d432e2c
793840cc626e5360cf6b7010930af86a10a39fe2feb132e20b2569c2871284d6
79dd53057726b936a1a09830544378d4cb92c4af2832e0ada32e7af918a62ec9
7ace0c8d4285602cfa9a553c1d86c003462f8488ecb65d109268970cf04022bf
7b8e3cbb933fa5284e93cb904ca3d68dd4484bfb2c131857b0ab1f7bf93307dd
7d268abdffbdb45abbd463962c5f989ab057c2bb2890a60cfc421e0cfffca647
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852823b7b3af8889256630a2ef7fb54e88397edead6e0260fe363817bb4a00bb
85e8d1af0074da8d8770cd722ad2ab3e8e8835eeaf8f6947f4c68fdcb81322fa
88ea257bf774f16df85dfb40b20a43908c7a3c7c45fea59600ff5fef7cd1ee5a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dba37079590d2048378ef73c3740e8213c844f64221be99337274c21854fcb2
8eedbb41f8dcffab689b5115d7446d9fb9df476cea4979d1d7d4b10f3942e358
907e5ac2db6e5abaaba645ca0008e03a2b1852782bb0d614217212315493c14b
91086596ff182a1d7f5bcd32d5ba5dded40756cfcf74552f5da1b03d9aed3460
9232e8111a718ee12755a08c3cce241e3b7148f04ba35c2db86f97d56abcea22
947b4ad8716b529783dd96fd10fc10ffba2179c7e6bad1fdada4dd67ed396d21
978a3465c90255427186a1451c879ae27966862dc43f16a800de9268ac93fa9c
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99546b2ae4c313c1a29d61cf23e0b46c1a41b47eb4ccb62d136ffe2e4493de34
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9affa55fab58e5a447a7026e1a285f30f0c0a75e677307f52f33ac9d5c6c346c
9eb08588f97f4d99915129647b880a30b0e5a6d368897cb5341352bc5de5a05c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a230d091756111e3e5997fea9350a835e439e10d64b247611dfda813dc9e3bfb
a38affbcb9c4e4b756957ee998b19191738de97f091a0fba1ea6077c37d0ebc5
a3a95bebbeaf2e36b281cc29f078385fee29e11d9e99ae98cda8057e659419b3
a45b7a51c820f8409fd97f0f28f67e754cb384cb11fe82aebaa679a14170158c
a573d518109e45122189dd4da6ccb75a57031fcac6bd1e01eef5254d7c308190
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7448fb068ea063062dbfba1473a99f8a49768544789949c50d45eba3fb5dc7e
a76da4f4a586693a9c34ac90e60747e32d2c69a1717edac770b4e42acb09824c
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ab3f02bcd49e1758c4aa657ee9ef5afd122c6748cc9fb01bf4816e680d353c92
abcde79ebe90d19befe7f2f25bc299f0b6d3cbe62831d44826e71d026c8dfe8b
aef5b16911dc18d752e001631709bb86cba3fc1307916c2e8cbef6f996bbd121
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b108983e2a8c54f38d23ca6462f4e4e2bbc5cf077c8e5a884e2efede6b4aaea9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b437ba02e7fa2f4f63f722fdb472b207dcfd73ce195558790bd4b4b956c1faea
b555d97cd73db32a9b70dc22f3196048fed929345916d8ac09566fd049536dd5
b594e9730508d01fb9d6420ab7474d142234ccb1c5f3da201dcd1f2772cc2494
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
b7b5283ca4d4fc3a724a764611872b1f927daa71c0bc4e6ed74708ec8dead8a1
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
bb05c360b1134673894fd0e873e8591f5056f787e7319ed4f2aa40050ec0f025
bb3ed7dc0789a7b8f6695271cfc0071855f61de1a4ffa954f39f29012a56c79d
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc4e96cc53dd030d1f6ef3473fd792648af9f4181144e396b6667f7e167f95e9
bcd48504086c62ab36271eb1572354063c09617b14998f834f39c7ad9a77bb49
bd217e0cbf31d26882a8da025ca170bfe5f15986f0546806b449276fa38221f7
bd9c71029ac6d5dc50b1c6821afac3eb026eb1cd9669cfbdcf03ad131bda4f4d
bec590a08d2dadeb5a2780ca2dbcd6165ac3dc26449f360ad4f660bb6f17824c
beee360d5d4757615a1311f877c3eaa128770c4687aa5455e960ad3dc2cc56c9
c19afe0f18a097f540fb8c4192129a0174161afd9589965020b8135caf959710
c1e4ef9b55d1d9f59caf3c07cca800d0e1f5f9e0b20b5e98a70ce09e83401686
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
c3ac282a5416e7feb08d64d845df20e3e97d978c37b6ca1f5f95df911ec4ab7f
c4093cdf62fb7d6f6e0700ae8d2d90396b1e21a1e6c29d7f31ef0147450725e0
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c52d43b130490aed976a08c7c931f063643dac84202c7907862256f70d15205c
c56389d8522a5ff1456ad40cacc1453e9d1aacc19e51a1dc684afe60b7117f88
c58e911e46bc403c7681e8830215c4d06f8a1c4e1e49559a3e2490885f040e36
c87d03dfc56333929aaa699596acee16cdcfb7ac83eeb31d3a8b57c0bb8e8bb2
cbbc566b94ebfff6dc1c55205e20a3049f95d40f8d6642b362b2e15d0b602ebd
cf4a5cb86acb94a1bb3ea40b7daae93301db978dc0817a6e0b93659307787159
d02a80812635703d7e1c8ab390aecafa1b3c994b2044dd637a52c1d248f74e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d11df6f98dd59f641303c583b7082cbbc2bec06906413a46696b1f265dfeeeac
d2ce3a8f6950317dfba6c4b16cb7bc2d4510ead5acadb382f135cb7564cfdf4f
d410b4f1e82575114cc4140f64a0258ec8e16b4530d638bf1c4a77c5c566f24c
d68f6ea0b93ca49336682ce3e591d8cdb1d10dc976e99ec48d3910c041431321
d69d31312f38eb031f175b97d54e5e36fa7924c3cbd310f87df5517682df120d
d9c5a10f403583586ea224d6cfdfd64e1b255ad5798f32a908abe23535fd8fb1
da8a16d07d989ea88c02455ea336e811ef4e7895a61eb225063932842cb0bc87
dbe513530bd8e632ebc936d1d808f02b5df9c6f4f766c547d12bc75304e39dc1
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd194850b6d734c99aaaf94bcf194b69222c45966079669f493efa35d690036e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3c185e5997c594aebe0fb64ba06a9f608553d58719aea47ddcd09bcc49e42b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e355e5226f5e72115b0fa613353cfc67ad4e3f258abcebc25280c3e5fc04db78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048
e4b31cf1e21d4d78d5c4b7063c5494ee08e1bbd0ec793d9e3ed9bc46c3721bf1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d4314dde252260bbe4e4e8301c5df63904b7e18809fe26fb29757a452108e4
e8dbfcc18a4a30652c37b9c3125419c0332ceb10fcbca22484ae97588eb569aa
ea2e043cdf6c48c82abc85edadfa7d36c0c9ec1e419045b0a5097ed99c09dffc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee168108c3a3d6a39d5813d5cf029b32872742a997def2a19cc4cc6406437239
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11881a89ad5ebdbfe75b6a82c4f1359bef968b54a8e006b0b677688ecfeb581
f13058f8e33a2752f1e99c3a75217b2c431fde5f566acf4d9495946bbfa8188f
f24b8b5aa1af942584a8d652d84ffcac663c3c218d6523c7ab4d1cbbe1ffab83
f2a2726d830a605d609744b87d6c6e29c2eb79349b7b11e27f8c0a5da3e61913
f5cb49fe55ba7aa5778ded61a16997ff2ca4d9d4408a6057e5ed36c74b5f94f2
fa59a1b346ab47588e340d74925d35e743b77012db8527d59072b336f10b4e0c
fa963b84220fc65410069eeb6923c5bff90f10f9ddcd2995f3cc49b07e1b6714
fba7e3710de496390723771763719dcd36d60feaf58fda368c9b4385b4700026
fca865cb6e3f6bbe50d090b3c58ea17228113ad6ab969f76a193bcedfc88963a
fcd7ded60ccb19cdfb4c21ea7a3c8c8a9a85137deaecd8466c93c3d930734d8c
ff390ef0db3089b4ad130bc6e0a9b9b23db88b4a0d86a79c4bb4f3f641048a31

uploads.jovemnerd.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

731 Requests

86 %HTTPS

32 %IPv6

60 Domains

88 Subdomains

67 IPs

11 Countries

9723 kBTransfer

21247 kBSize

39 Cookies

95 Outgoing links

Redirected requests

731 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uploads.jovemnerd.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

731
Requests

86 %
HTTPS

32 %
IPv6

60
Domains

88
Subdomains

67
IPs

11
Countries

9723 kB
Transfer

21247 kB
Size

39
Cookies

731 HTTP transactions
16 data transactions