www.guis.com.br Open in urlscan Pro
162.214.98.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Submission Tags: locutor locução spot vinheta comercial gravação propaganda publicidade carro de som rádio Search All
Submission: On November 10 via manual (November 10th 2023, 11:22:54 pm UTC) from BR — Scanned from DE

Summary HTTP 139 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 15 domains to perform 139 HTTP transactions. The main IP is 162.214.98.9, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.guis.com.br.
TLS certificate: Issued by R3 on October 3rd 2023. Valid for: 3 months.

This is the only time www.guis.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	162.214.98.9 162.214.98.9	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6 15	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
12	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
139	24

6 162.214.98.9 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: rdns.alcmidia.com.br

www.guis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:3500:1b::1724:a392 (Frankfurt am Main, Germany) 6 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	823 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	329 KB
15	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1682 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	89 KB
15	bing.com 6 redirects www.bing.com — Cisco Umbrella Rank: 66	31 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	89 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925	107 KB
6	guis.com.br www.guis.com.br	73 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	316 KB
3	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	109 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	10 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 894	104 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2781	46 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	94 KB
139	15

	Domain	Requested by
25	imageproxy.eu.criteo.net	ads.eu.criteo.com www.guis.com.br
18	static.criteo.net	ads.eu.criteo.com www.guis.com.br
15	www.bing.com	6 redirects googleads.g.doubleclick.net www.guis.com.br
13	tpc.googlesyndication.com	googleads.g.doubleclick.net www.guis.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.guis.com.br
12	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com acdn.adnxs-simple.com www.guis.com.br
12	pagead2.googlesyndication.com	www.guis.com.br pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com acdn.adnxs-simple.com
6	www.guis.com.br	www.guis.com.br
5	www.googletagservices.com	googleads.g.doubleclick.net www.guis.com.br
4	csm.eu.criteo.net	ads.eu.criteo.com
3	cdn.adnxs.com	googleads.g.doubleclick.net www.guis.com.br
3	adsdk.microsoft.com	googleads.g.doubleclick.net www.guis.com.br
2	rtb.nl3.eu.criteo.com	www.guis.com.br googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	i.clean.gg	acdn.adnxs-simple.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	acdn.adnxs-simple.com	www.guis.com.br
1	www.google.de	www.guis.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.guis.com.br
139	23

This site contains links to these domains. Also see Links.

Domain
www.empresasenegocios.com.br

Subject Issuer	Validity	Valid
*.guis.com.br R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Frame ID: 32230621FB39002BF2D5B094250833E4
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: FF139075E4082F3BF4E521BBB8D11A45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: 9FE369C26E8ED169F72F09AD1D3D7EF4
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
Frame ID: D5D7668A6D04FACBBCAAA0CA7C2DEDD9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=280&slotname=6617003546&adk=1741748986&adf=1174673369&pi=t.ma~as.6617003546&w=336&lmt=1699658568&format=336x280&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568617&bpp=1&bdt=1058&idt=346&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=1513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=352
Frame ID: 884CF44019D58C6889C6BD2F51B6507B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&adk=1812271804&adf=3025194257&lmt=1699658568&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568643&bpp=3&bdt=1083&idt=333&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90%2C336x280&nras=1&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=347
Frame ID: B0E6182BCD089EF5B8B8C33495026CE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 48549D4D123342D23B91390BD65EA093
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5951A5ED18480639F6218DD6F2B6D320
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F1DC9FCA8A6437623D6637925B55A1F4
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 46C31F7AB57C2B0CE697D03C47FCF46B
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU67SQAA_vYDogojAAydOQA2Nveyok847VmiBA&u=%7CgOzat7lD7VLpu0LwkC3czEyrsb0miUYi00qtNTS9DtM%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqArssQp8ietYBV6CyGQtzkwKXz9zanFgq6EFzdXc0NYZA6CccDAnFH0prRH17EX7bXVjT1s3UB3NEoaPVb0s-yw3rU0sgV5I4SsMUnzaDqapRG4cVH22anvpXGPcx-Y4S8DVvQe4g5xY7iBt3sTsB6yOpoYVvNNRO2ONIhshbvP1XqjjbM9vDm2MgRhlCAGgAekUxNn09lBSJ17HJ3Sh2y_hIYWAGhTPlOl-9FJTt2WSaPFfhH3yxSudbPU6ANO-kquB7i9Xhkz0q-pWX1B2WGy63jSFhnT8eeAX0Owh2rrqJyePuY88EgltkRTgL5DaoP7-0gK-BElo3ndEvQoesYzrstypABZkTMJkqYL3A-SU8t_meSM2X6ms5X6daqgjmux_FVhizncsB-LPpCEas368DAkHCPdCpYu2UJhf6o-bDeHHUxE5xRU0UoVpFQXnXCYL14z9BzemLbagM_dX85IiAp0kK-vvqwfQ298TbSdpAVcYdUJzdUKThx_nyzymvEGUX7kZcyJXPhPAjjmfdiFw2Q2HE7zu3eeBp-hBKDxB3KdoAK2x8qJXZlUie4njZ4FXZctdbdw1XdHptbDpjIzwwJmWn67vwM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC851MSbtOZfb9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEqAJP0CAh3i6AGlFBRi832QtMuOJL15UcULw_uiz72BIkv9Yb3J3seIPwqVN4eHR6O9pHYZo7fqhIvTmi4PN6tiTU1xQcSGUEn3w2n6ewx3IUXznP0k8ku2T36JcEnNy1hV1_LaCMcNtoK2AjLJEeloXm5EviJMBBGz9Mx2hZl4HpivnbUoG_1rnEFjPRjjEGeppqBtJODww6lFU734yRdTB-5-srbJF7rwzzXynuw9vXCcPj8wWErWF1yR0p6jtQUVxFy0hYuPTOU1j4g_AguC2gJ--6Mn5AnoJFkiqM5hiMOfFA4kuVHrDjqlRIEFtKksqaFWMLJHkREyn68O7H-FDDGBI-nLMSuFR7jrjQAoF0Mu6kIJJ8WGnKE3dsn8Oi0aiEHvhPHo116YAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ftPMGJq6Eapjd7W3EkZuAS4cfEg%26client%3Dca-pub-3569764300452713%26adurl%3D
Frame ID: F742E9A69B71197F209E1B75F9AD01FD
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU67SQAA_vcDogojAAydOR7dGt8UpmK2VzXNgQ&u=%7CgOzat7lD7VJL0Bz7KgFZqBKuWMR6uEMjxXiKiWlwASo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869M7kUiaBR4FDk6ub6nid2DkvOHztF9HzI-x0Em6y7w2p66OEUkgM139I1ZxiyIs2Pe8HnwwoxpzFwr8mT04pddk8ELyCJDtzIbVAzljFa4lV7hkpx6uoSBuzuvaegXNlLklr8YFiYmD8nGwaXATbXZJHX0jqJ5pKszlTqC7JTORT_0Tem-tWty6DrUp7QJAvFdunBL6_lCmzbVw1YWgTGLyPDjKfQSSwzjjLIeis17xvPDTRbz8HzKOUNG7uixeu3pPaVvq7YAXgocDaUaFDma6PoOfBmLm3onEAqrXXUuN9XNLcQAo2E8UwD9oUsZOK79_BlLfkLknHNKdASswgaKREIDYyVCCGIn9GFUJsodaH2vrr3993BK94kW0ArC0Sbij80OPpesJ6IJ8eWhnQDr8QqKkr89xQH1W--F9Pj0ymUWWAh11KI9FuISjoei0WQRbguiWGChL3yoZc_rvNF9RMkZI--1w59YoW8r7fPDqhgLrg-K153UDOce7v64wzFC0fqx9wAnegop7EBRjrf3rPF2EB6ZNX3WS6_7UhjQGd-EZNm4aRjo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCij_nSbtOZff9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEqQJP0Mxx3oN0pxf_Uh6JQOjd43DNBlNsSkuveYhNXkziJzpB8LmrtxLeSLRG_ivXRpBeFZxneTcQWysOMEO1XTvkGtN2JCtyD_IayVmQ6trGeAgwgSLSTf3azKGsKU-phV_80YjS6GfsUF45QHkt-CHgSMkDLf5nEuyJO5s628ev8QNOgQHUs8KU8CIpOoJ0_xM9YkpvqAajph7C1OALZXZ9Dq4CAh3vPLjyRchet7I5UBqbWgxNewxiM1GyZ3Pc2KYgxCwUYj4aHm3AdFGJfjb4xiuGi9LWcbKja_CgYuWZn3p0kAXlaMAlTxgrNqBu1rQVNjdT9MM8k926SFPbQcnzpysqwokyPj5JVyLC2YTkmMbYW4A9SJ1PrJFeZ-tDvp5NyO5-2fh6VT-ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ATODEY7o9UXVGsj6Tup9awjfyeQ%26client%3Dca-pub-3569764300452713%26adurl%3D
Frame ID: 67F73B689EAF6D1F9D0E080FAD289F38
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DAA3969ECA0AF0946C2527CEFBDC465
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1610BBB00BAA85AC25AF904040DD9AFF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Locutor vinhetas comerciais gravação de propagandas - Guis - Anúncio de Empresas e Serviços - Grátis

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

96 %
HTTPS

74 %
IPv6

15
Domains

23
Subdomains

24
IPs

4
Countries

2116 kB
Transfer

4529 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.empresasenegocios.com.br/
Title: EMPRESAS E NEGÓCIOS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=45598a5d-32c2-46e2-bb0a-468e00254962&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=48a02ce4-5cee-460c-8eee-de9eee9b6aa8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D6a8e02f3333f452db87f575022e0ada5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7368202&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=660555059786987014 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6a8e02f3333f452db87f575022e0ada5&SNR=1&GV=2&med=10

Request Chain 22

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe43f27e-8017-4e53-b192-0719016dbaa9&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=20f9a708-bbb8-4627-871c-a7bfd3aa3d1f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D71a4a1c81d1a4e30ab0687660b8e23ab%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7368202&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=2156993029712634926 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=71a4a1c81d1a4e30ab0687660b8e23ab&SNR=1&GV=2&med=10

Request Chain 45

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=838df3f2-4816-4bcd-a887-e93b3a7401a5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=8f6e2a97-ca62-41cd-a8dc-877b55d1e41b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dfd99d0d9a81d49488ebd7109fae61703%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7368202&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=7152366544536681749 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fd99d0d9a81d49488ebd7109fae61703&SNR=1&GV=2&med=10

Request Chain 95

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe43f27e-8017-4e53-b192-0719016dbaa9&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=20f9a708-bbb8-4627-871c-a7bfd3aa3d1f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D71a4a1c81d1a4e30ab0687660b8e23ab%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7368202&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=2156993029712634926 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=71a4a1c81d1a4e30ab0687660b8e23ab&tids=15000&med=10

Request Chain 96

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=45598a5d-32c2-46e2-bb0a-468e00254962&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=48a02ce4-5cee-460c-8eee-de9eee9b6aa8&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D6a8e02f3333f452db87f575022e0ada5%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7368202&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=660555059786987014 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6a8e02f3333f452db87f575022e0ada5&tids=15000&med=10

Request Chain 138

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=838df3f2-4816-4bcd-a887-e93b3a7401a5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=8f6e2a97-ca62-41cd-a8dc-877b55d1e41b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dfd99d0d9a81d49488ebd7109fae61703%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=7368202&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=7152366544536681749 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd99d0d9a81d49488ebd7109fae61703&tids=15000&med=10

139 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request locutor-vinhetas-comerciais-gravacao-de-propagandas Show response
www.guis.com.br/438891/ 10 KB
4 KB 644ms
237ms Document
text/html 162.214.98.9
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.98.9 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rdns.alcmidia.com.br
Software: Apache /
Resource Hash: 22ab99da165941e8242bdf94397ce2df4047745f02c8680a23805f9c22c48d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3995
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 23:22:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=400
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK layout.css
www.guis.com.br/scripts/ 17 KB
3 KB 203ms
201ms Stylesheet
text/css 162.214.98.9
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guis.com.br/scripts/layout.css
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.98.9 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rdns.alcmidia.com.br
Software: Apache /
Resource Hash: e8af212e8433e763d680f83e7df7de599b3d5f540c6f95f4d44c2b755b774a65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jul 2020 14:47:33 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=399
Content-Length: 3063

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.guis.com.br/scripts/ 94 KB
33 KB 409ms
205ms Script
application/javascript 162.214.98.9
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.guis.com.br/scripts/jquery-1.11.3.min.js
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.98.9 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rdns.alcmidia.com.br
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 May 2015 14:16:03 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=398
Content-Length: 33279

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
94 KB 261ms
94ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NV918RNLT7

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec9347cc1c7d11911a940f314910638c4987b6aa99f5d2d28a3a629d662bd4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 23:22:48 GMT

GET
H/1.1 200
OK logo.png
www.guis.com.br/imagens/ 4 KB
4 KB 579ms
193ms Image
image/png 162.214.98.9
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guis.com.br/imagens/logo.png
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.98.9 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rdns.alcmidia.com.br
Software: Apache /
Resource Hash: 0c1eecef7ce93d9ca74ce8540fd283c6caf97239caec088c623039451f2f6944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:48 GMT
Last-Modified: Thu, 12 Jul 2012 19:59:48 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=400
Content-Length: 3957

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 273ms
111ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4768ee069227438a58f82f7b875f9c277dbf3b2814946274326dd84bf87f5235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52771
x-xss-protection: 0
server: cafe
etag: 17590466579930292751
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:48 GMT

GET
H/1.1 200
OK 438891_1.jpg
www.guis.com.br/fotos/ 27 KB
27 KB 581ms
193ms Image
image/jpeg 162.214.98.9
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guis.com.br/fotos/438891_1.jpg
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.98.9 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rdns.alcmidia.com.br
Software: Apache /
Resource Hash: 05b5d43e8c7ba55987ebe7ef71c48d36843c73467904fcbf362ef6d9cd2d1e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:48 GMT
Last-Modified: Wed, 11 Oct 2023 01:00:06 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=400
Content-Length: 27382

GET
H/1.1 200
OK tit_marcador.png
www.guis.com.br/imagens/ 1 KB
1 KB 201ms
200ms Image
image/png 162.214.98.9
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.guis.com.br/imagens/tit_marcador.png
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/scripts/layout.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.98.9 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: rdns.alcmidia.com.br
Software: Apache /
Resource Hash: 462866e725d0b50eb80081a8f5c44c05434d0518deff0abb53787cb46676aefb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/scripts/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:48 GMT
Last-Modified: Wed, 11 Jul 2012 20:16:47 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=397
Content-Length: 1041

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3569764300452713&plah=www.guis.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93a8bd5d01da9dfaaf4019c584d3d240d771087b9c577df00bf0407aaf90bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138486
x-xss-protection: 0
server: cafe
etag: 4562951036010222786
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:48 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame FF13 9 KB
4 KB 244ms
78ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 14:08:06 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 14:08:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 166ms
57ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NV918RNLT7&gtm=45je3b81v9137559879&_p=1699658568195&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=765926421.1699658569&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699658568&sct=1&seg=0&dl=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&dt=Locutor%20vinhetas%20comerciais%20grava%C3%A7%C3%A3o%20de%20propagandas%20-%20Guis%20-%20An%C3%BAncio%20de%20Empresas%20e%20Servi%C3%A7os%20-%20Gr%C3%A1tis&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1818
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NV918RNLT7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guis.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 226ms
75ms Ping
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NV918RNLT7&cid=765926421.1699658569&gtm=45je3b81v9137559879&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NV918RNLT7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guis.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 248ms
87ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NV918RNLT7&cid=765926421.1699658569&gtm=45je3b81v9137559879&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1008364900

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FE3 47 KB
18 KB 439ms
438ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3569764300452713&plah=www.guis.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c574921af9f803a2337286a892c0407ca6b05db96e00aeee9cce37499f070c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18481
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:49 GMT
expires: Fri, 10 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5D7 46 KB
18 KB 375ms
373ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e4707e2ad0f6c308e836195737b969b8c7927a9a04ee2dc7c40fbcfbb3c22ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:49 GMT
expires: Fri, 10 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 884C 718 B
531 B 562ms
559ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=280&slotname=6617003546&adk=1741748986&adf=1174673369&pi=t.ma~as.6617003546&w=336&lmt=1699658568&format=336x280&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568617&bpp=1&bdt=1058&idt=346&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=1513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=352

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c5bb3cee101c4121c7090d0f412619bab361728b52557a18c6110af25ec373d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:49 GMT
expires: Fri, 10 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0E6 196 KB
36 KB 698ms
697ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&adk=1812271804&adf=3025194257&lmt=1699658568&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568643&bpp=3&bdt=1083&idt=333&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90%2C336x280&nras=1&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=347

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a24e394683f3acb57a46eb75d2c5d471713e5d5ff39d3ddab789092e78a3c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36198
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:49 GMT
expires: Fri, 10 Nov 2023 23:22:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame D5D7
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=45598a5d-32c2-46e2-bb0a-468e00254962&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=48a02ce4-5cee-460c...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6a8e02f3333f452db87f575022e0ada5&SNR=1&GV=2&med=10

0
548 B

76ms
75ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6a8e02f3333f452db87f575022e0ada5&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3F56B5681474ED28B29476E06E649CA Ref B: DUS30EDGE0417 Ref C: 2023-11-10T23:22:49Z
x-cdn-traceid: 0.92a12417.1699658569.3e4aa0b6
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 10 Nov 2023 23:22:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 189BC01FD8EB47CAB736DF79F0157CDB Ref B: FRA31EDGE0816 Ref C: 2023-11-10T23:22:49Z
x-cdn-traceid: 0.92a12417.1699658569.3e4a9fad
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6a8e02f3333f452db87f575022e0ada5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame D5D7 91 KB
36 KB 155ms
88ms Script
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 10 Nov 2023 23:22:49 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231110T232249Z-83ph6nwmdx6637kee2a0acnhr400000000ug00000000wh87
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 551ad05e-d01e-00ca-4f09-14e0ef000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame D5D7 80 KB
27 KB 138ms
39ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sat, 09 Nov 2024 23:22:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame D5D7 3 KB
1 KB 267ms
98ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame D5D7 20 KB
9 KB 245ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5D7 199 KB
64 KB 275ms
113ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:49 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 9FE3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe43f27e-8017-4e53-b192-0719016dbaa9&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=20f9a708-bbb8-4627...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=71a4a1c81d1a4e30ab0687660b8e23ab&SNR=1&GV=2&med=10

0
547 B

201ms
201ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=71a4a1c81d1a4e30ab0687660b8e23ab&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1919CA4170F44EA78BB6D932E44FB144 Ref B: DUS30EDGE0412 Ref C: 2023-11-10T23:22:49Z
x-cdn-traceid: 0.92a12417.1699658569.3e4aa0b7
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 10 Nov 2023 23:22:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D2B8FD9BAEF4F3B8C54FC5E5F92F55D Ref B: FRAEDGE1415 Ref C: 2023-11-10T23:22:49Z
x-cdn-traceid: 0.92a12417.1699658569.3e4a9fae
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=71a4a1c81d1a4e30ab0687660b8e23ab&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 9FE3 91 KB
36 KB 103ms
88ms Script
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 10 Nov 2023 23:22:49 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231110T232249Z-83ph6nwmdx6637kee2a0acnhr400000000ug00000000wh88
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 551ad05e-d01e-00ca-4f09-14e0ef000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 9FE3 80 KB
27 KB 135ms
39ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sat, 09 Nov 2024 23:22:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9FE3 3 KB
1 KB 216ms
101ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 9FE3 20 KB
8 KB 201ms
87ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FE3 199 KB
63 KB 352ms
245ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:49 GMT

GET
H3 200 th
www.bing.com/ Frame 9FE3 5 KB
5 KB 56ms
56ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.10239328756919_1FLBU0NNI5GF30KXS&pid=21.2&c=3&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 637e013c5a73985f8d4cbb3ebacd3116ce574dad5e082ac3bd57358e4174c4c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1699658569.3e4aa254
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 5175
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3 200 th
www.bing.com/ Frame D5D7 8 KB
8 KB 78ms
77ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215958471142_1JM55KEOMTJPC3R9BP&pid=21.2&c=17&roil=0&roit=0.3032&roir=1&roib=0.6968&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 97fa36fd66fa53b772997aaa6810a16687584e6d1be703c1126d719b3ec6e0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1699658569.3e4aa255
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 8020
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame D5D7 0
533 B 392ms
48ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QK2BOg2AgAAAwDWAAUBCMn2uqoGEIbswum76rCVCRgAKjYJygXgbIRnmT8RBmPwEoa6mD8ZAAAAYD0Ktz8hBg0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR42PUFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8LwvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA9zkNeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBejV48vD8eK8WMAFAMkFAAAAAAAA8D_SBQkJAAABDHQAANgFAeAFAfAFz0n6BQQIABAAkAYAmAYAuAYAwQYJIizwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2PUF0gcNCREoASYI2gcGAV6gGADgBwDqBwIIAPAHmTaKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=2a28309d67fd92e936b203a643f3592303943303&bdref=https%3A%2F%2Fwww.guis.com.br%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.guis.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3569764300452713%26output%3Dhtml%26h%3D90%26slotname%3D0660167667%26adk%3D4061719698%26adf%3D3575115697%26pi%3Dt.ma~as.0660167667%26w%3D728%26lmt%3D1699658568%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.guis.com.br%252F438891%252Flocutor-vinhetas-comerciais-gravacao-de-propagandas%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699658568616%26bpp%3D1%26bdt%3D1056%26idt%3D311%26shv%3Dr20231108%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D160x600%26correlator%3D6024361649751%26frm%3D20%26pv%3D1%26ga_vid%3D765926421.1699658569%26ga_sid%3D1699658569%26ga_hid%3D1788471661%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D299%26ady%3D377%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C31079404%252C31079406%252C44807461%252C31078301%252C31079382%252C31079156%252C44807764%252C44808149%252C44808285%26oid%3D2%26pvsid%3D3326864121130363%26tmod%3D730098446%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CeE%257C%26abl%3DNS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D316&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: 4967fc79-7a71-407c-aa62-d3fecc145c6f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 9FE3 0
532 B 437ms
106ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QK3BOg3AgAAAwDWAAUBCMn2uqoGEK7Ij7i3t8v3HRgAKjYJ5Kv2aggtlz8RnvxM1jaPlj8ZAAAAYD0Ktz8hng0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4v_UFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8LwvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA9zkNeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZytv8zNrfK6f8AFAMkFAAAAAAAA8D_SBQkJAAABDHgAANgFAeAFAfAF-dpL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7_1BdIHDQkRKAEmCNoHBgFeoBgA4AcA6gcCCADwB5k2iggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=9443030ebe36580395a02d50ec0c2c502cda1345&bdref=https%3A%2F%2Fwww.guis.com.br%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.guis.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3569764300452713%26output%3Dhtml%26h%3D600%26slotname%3D7270229841%26adk%3D3651661018%26adf%3D3545011930%26pi%3Dt.ma~as.7270229841%26w%3D160%26lmt%3D1699658568%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.guis.com.br%252F438891%252Flocutor-vinhetas-comerciais-gravacao-de-propagandas%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699658568610%26bpp%3D6%26bdt%3D1050%26idt%3D283%26shv%3Dr20231108%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6024361649751%26frm%3D20%26pv%3D2%26ga_vid%3D765926421.1699658569%26ga_sid%3D1699658569%26ga_hid%3D1788471661%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1053%26ady%3D228%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31078019%252C31079404%252C31079406%252C44807461%252C31078301%252C31079382%252C31079156%252C44807764%252C44808149%252C44808285%26oid%3D2%26pvsid%3D3326864121130363%26tmod%3D730098446%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D303&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: d49845be-7029-4ccc-9b55-ce68ac8be4c6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab1e0476b484a782846b68522092a942bfd8b7af2d7097bd47112028deb55f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55821
x-xss-protection: 0
server: cafe
etag: 10735758902771881722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:50 GMT

GET
DATA 200
OK truncated
/ Frame D5D7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c721cb1b48ebaaaf8eb8aa13348a8dc4ab34e091c426e4d88bbc99eb65b6fb7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame D5D7 0
556 B 34ms
33ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLlB-jlAwAAAwDWAAUBCMn2uqoGEIbswum76rCVCRgAKjYJygXgbIRnmT8RBmPwEoa6mD8ZAAAAYD0Ktz8hBg0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR42PUFgAEBigEDVVNEkgUG8EmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gENMS1ndWlzLmNvbS5ictgC8AbgAqKoMeoCUmh0dHBzOi8vd3d3Lh0j8MIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDrAMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD00OGEwMmNlNC01Y2VlLTQ2MGMtOGVlZS1kZTllZWU5YjZhYTgmYmlkSWQ9MTUwMDABDFhkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZC5cABhwdWJsaXNoBSkkMTYyNjQ1MzMwJgU3BDhhhnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzM2ODIwMiZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8NBfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI2NjA1NTUwNTk3ODY5ODcwMTQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU9UTXlNekl3TnprMU16Z2pNak15TkRBNU1qY3dNemM0TmpFMk9RPT3AA9gEyAMA2APc5DXgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBEW4WIgFAZgFAKAF6NXjy8Px4rxYwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AXPSfoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9j1BdIHDRVkASYI2gcGAV6sGADgBwDqBwIIAPAHmTaKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7a4d917eb255d1a5eba6fdab2330703d6c0649ed&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=6118574091178356970&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7368202&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: 97e7304e-394a-405c-b04d-d6fe22b191e0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D5D7 0
23 B 125ms
123ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFfFBSbtOZchKl46IzQ-LlJagDdLg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTM1Njk3NjQzMDA0NTI3MTPIAQmoAwHIAwKqBKACT9DQ2cKFrG2NLZkuBB1tKTrrUBq_5iv808XaEzROUfJRBntfobtJOWJdPQ57-UGOzJ57_LK_MUbmUWxMfeWyLY97LPKVw-5nvEO6Pc2cYoLn5sXtmNFQRcAT4zLr8cJjhpcJfhtkX5WumUki6LFofANeVKDBx2w3JFyz2kOaMqEOoFJX8RuiahPva_ftit7oN2rOtlKIIs5Ypgu50KjI2ieayiyDmJdId-TF4WO0IVtrnnPxud63pQxHOHgrIlkCjEYhYCzAyR2i7_142HiOx65VyCYawdX7tvyIrzOFlchaRhREuElVpRp8RDi-0UhikGLhAeQIxXq-eworhXI5KDSzyYMgj9AkIEpBAH0lEQZQCT4rLO-QVyglsbl3MmvxgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM1Njk3NjQzMDA0NTI3MTMYAA&sigh=DLfYriSB-xE&uach_m=[UACH]&cid=CAQSTgDICaaNJQvenVsVXhgkE3ZWevd4MrorEvsViz20mOLKtcTC5Sx6JUk2mWOE2eTa_mppN9hy4O5U7mHB5n9wQ6q7uN2XvEhdWneunu9lwRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=90&slotname=0660167667&adk=4061719698&adf=3575115697&pi=t.ma~as.0660167667&w=728&lmt=1699658568&format=728x90&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568616&bpp=1&bdt=1056&idt=311&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=6024361649751&frm=20&pv=1&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=299&ady=377&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 23:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Nov 2023 23:22:50 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame D5D7 0
532 B 34ms
33ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLlB-jlAwAAAwDWAAUBCMn2uqoGEIbswum76rCVCRgAKjYJygXgbIRnmT8RBmPwEoa6mD8ZAAAAYD0Ktz8hBg0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR42PUFgAEBigEDVVNEkgUG8EmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gENMS1ndWlzLmNvbS5ictgC8AbgAqKoMeoCUmh0dHBzOi8vd3d3Lh0j8MIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDrAMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD00OGEwMmNlNC01Y2VlLTQ2MGMtOGVlZS1kZTllZWU5YjZhYTgmYmlkSWQ9MTUwMDABDFhkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZC5cABhwdWJsaXNoBSkkMTYyNjQ1MzMwJgU3BDhhhnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzM2ODIwMiZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8NBfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI2NjA1NTUwNTk3ODY5ODcwMTQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU9UTXlNekl3TnprMU16Z2pNak15TkRBNU1qY3dNemM0TmpFMk9RPT3AA9gEyAMA2APc5DXgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBEW4WIgFAZgFAKAF6NXjy8Px4rxYwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AXPSfoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9j1BdIHDRVkASYI2gcGAV6sGADgBwDqBwIIAPAHmTaKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7a4d917eb255d1a5eba6fdab2330703d6c0649ed&pp=ZU67SQAAJUgDogcXAAWKCzO94DC5NiLvswCNrw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2bqYSbtOZchKl46IzQ-LlJagDdLg1-Buj6S2k5MKwI23ARABIABglfrwgYwHggEXY2EtcHViLTM1Njk3NjQzMDA0NTI3MTPIAQmoAwHIAwKqBKMCT9DQ2cKFrG2NLZkuBB1tKTrrUBq_5iv808XaEzROUfJRBntfobtJOWJdPQ57-UGOzJ57_LK_MUbmUWxMfeWyLY97LPKVw-5nvEO6Pc2cYoLn5sXtmNFQRcAT4zLr8cJjhpcJfhtkX5WumUki6LFofANeVKDBx2w3JFyz2kOaMqEOoFJX8RuiahPva_ftit7oN2rOtlKIIs5Ypgu50KjI2ieayiyDmJdId-TF4WO0IVtrnnPxud63pQxHOHgrIlkCjEYhYCzAyR2i7_142HiOx65VyCYawdX7tvyIrzOFlchaRhREuElVpRp8RDi-0UhikGLhAeQIxXq-e0gppOD7jM7eXXlUOk59pPxFI3ehGChI0JytdWss1wIJqXn20AZlizt-gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0rlm8PqvWuV-ao6TKvc31flZWofA%26client%3Dca-pub-3569764300452713%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: 8980b1c7-cb43-40dd-8f37-f4dbe6de3a08
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9FE3 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 990c89d3b6bb14e36828486b361f3655e37f9694d9cb11e9dc7d91529ef09ef9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 9FE3 0
556 B 53ms
53ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLVB-jVAwAAAwDWAAUBCMn2uqoGEK7Ij7i3t8v3HRgAKjYJ5Kv2aggtlz8RnvxM1jaPlj8ZAAAAYD0Ktz8hng0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4v_UFgAEBigEDVVNEkgUG8E-YAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8FIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDmgMKsAJodBlo8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yMGY5YTcwOC1iYmI4LTQ2MjctODcxYy1hN2JmZDNhYTNkMWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AMo5xALhydHlwZT1udXJsJnRhZ0lkPTczNjgyMDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzIxNTY5OTMwMjk3MTI2MzQ5MjYiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RRek1Ua3pOREF5TmpjME1qVWpNak16TmpFeE9EWXhNakUwTlRBd09RPT3AA9gEyAMA2APc5DXgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWcrb_Mza3yun_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAARPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHv_UF0gcNCREoASYM2gcGCAUJpOAHAOoHAggA8AeZNooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=4d85494a75c461dc7440163c0d3c3429e7501c83&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=160&sid=6118574091178356970&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7368202&sw=1600&sh=1200&pw=160&ph=600&ww=160&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: b2df3d96-bbd4-403b-a76b-cbd6ac6d914e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9FE3 0
23 B 124ms
123ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjD3VSLtOZfrGPIeyiM0Pi9224AfS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqAMByAMCqgShAk_Q-x1g3bxkdshVymwFZ2spS6Vg3s7X9BmsY8KWs9fBv16Rv-lJDGcR4gAPIQxqv10UFfo4Inqa7cyIWcKJgawmjGs0jZRbSSXJLBWa2JeHXgwenNFwmKWCILXXQuNJxZu7RexFqo0h5xndZrYQMPPIpwg00fO9lEvIUw0rnpVn-5tobG605OMwljppk1PzbnLFEhQvf7OfkIAX6zwVT0VWuVdpabR135sN9qaa09zYkhoaZ6R8R849Wk5HjRH6BNw-LvKRWuOvZi8amd9kmldRoKYGfRv1WvMPBqzqfHRhbKIVRVg3qRGPBJ4l73CBUtclBZFFM33e-O8VNQVvnFLQhSZ67arWxmqtfezj38t57zr4Md9Gk36v2pS35Ojj3RSABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU2OTc2NDMwMDQ1MjcxMxgA&sigh=RFwdKBw_LYY&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNWN-tMyI7tFCxfIg8LmkV3EBA5ERo-4x94P0bx_0mPstNfhZ1AW9SdSY3UHQRVrNG0E0y6A-Wf4mrH_Ec0jt4BI9yRmVu27hqixgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3569764300452713&output=html&h=600&slotname=7270229841&adk=3651661018&adf=3545011930&pi=t.ma~as.7270229841&w=160&lmt=1699658568&format=160x600&url=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699658568610&bpp=6&bdt=1050&idt=283&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6024361649751&frm=20&pv=2&ga_vid=765926421.1699658569&ga_sid=1699658569&ga_hid=1788471661&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1053&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078019%2C31079404%2C31079406%2C44807461%2C31078301%2C31079382%2C31079156%2C44807764%2C44808149%2C44808285&oid=2&pvsid=3326864121130363&tmod=730098446&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=303
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 23:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Nov 2023 23:22:50 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 9FE3 0
532 B 34ms
33ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLVB-jVAwAAAwDWAAUBCMn2uqoGEK7Ij7i3t8v3HRgAKjYJ5Kv2aggtlz8RnvxM1jaPlj8ZAAAAYD0Ktz8hng0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4v_UFgAEBigEDVVNEkgUG8E-YAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8FIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDmgMKsAJodBlo8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yMGY5YTcwOC1iYmI4LTQ2MjctODcxYy1hN2JmZDNhYTNkMWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AMo5xALhydHlwZT1udXJsJnRhZ0lkPTczNjgyMDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzIxNTY5OTMwMjk3MTI2MzQ5MjYiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RRek1Ua3pOREF5TmpjME1qVWpNak16TmpFeE9EWXhNakUwTlRBd09RPT3AA9gEyAMA2APc5DXgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWcrb_Mza3yun_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAARPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHv_UF0gcNCREoASYM2gcGCAUJpOAHAOoHAggA8AeZNooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=4d85494a75c461dc7440163c0d3c3429e7501c83&pp=ZU67SAAPI3oDohkHAA2ui8DMW3WYrRcZrTjzsA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHKqUSLtOZfrGPIeyiM0Pi9224AfS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqAMByAMCqgSkAk_Q-x1g3bxkdshVymwFZ2spS6Vg3s7X9BmsY8KWs9fBv16Rv-lJDGcR4gAPIQxqv10UFfo4Inqa7cyIWcKJgawmjGs0jZRbSSXJLBWa2JeHXgwenNFwmKWCILXXQuNJxZu7RexFqo0h5xndZrYQMPPIpwg00fO9lEvIUw0rnpVn-5tobG605OMwljppk1PzbnLFEhQvf7OfkIAX6zwVT0VWuVdpabR135sN9qaa09zYkhoaZ6R8R849Wk5HjRH6BNw-LvKRWuOvZi8amd9kmldRoKYGfRv1WvMPBqzqfHRhbKIVRVg3qRGPBJ4l73CBUtclBZFFM33e-O8VdwdODpB0f0vuF95jWDMpy-jA1U9wwSIhk1kfF8Iv8LivJGkBsICCytuABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1mi3RYtqlrdUf8um1t4XzibZMzSQ%26client%3Dca-pub-3569764300452713%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: 0f50d48c-46ba-4d0e-8f04-744f081abc46
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 4854 9 KB
4 KB 80ms
77ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 03:25:12 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 03:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 5951 9 KB
4 KB 81ms
77ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 03:25:12 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 03:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame F1DC 9 KB
4 KB 84ms
83ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 03:25:12 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 03:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 46C3 129 KB
46 KB 103ms
27ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires: Sun, 05 Nov 2023 05:46:12 GMT
Date: Fri, 10 Nov 2023 23:22:50 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 64057
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 46953
X-Served-By: cache-lga13622-LGA, cache-fra-eddf8230079-FRA
Last-Modified: Thu, 05 Oct 2023 15:31:43 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1699658570.456548,VS0,VE0
ETag: W/"651ed6df-204b6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 98, 30573

GET
H3

200

c.gif
www.bing.com/aes/ Frame 46C3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=838df3f2-4816-4bcd-a887-e93b3a7401a5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=8f6e2a97-ca62-41cd...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fd99d0d9a81d49488ebd7109fae61703&SNR=1&GV=2&med=10

0
18 B

97ms
96ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fd99d0d9a81d49488ebd7109fae61703&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B9503F401964915ACFF346872A1D0C4 Ref B: FRAEDGE1806 Ref C: 2023-11-10T23:22:50Z
x-cdn-traceid: 0.92a12417.1699658570.3e4aabd3
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 10 Nov 2023 23:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F920292E840C46E685C7D1F9BF46BA8E Ref B: DUS30EDGE0418 Ref C: 2023-11-10T23:22:50Z
x-cdn-traceid: 0.92a12417.1699658570.3e4aaafb
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=fd99d0d9a81d49488ebd7109fae61703&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 46C3 91 KB
36 KB 62ms
58ms Script
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231110T232250Z-83ph6nwmdx6637kee2a0acnhr400000000ug00000000whfa
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 551ad05e-d01e-00ca-4f09-14e0ef000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 46C3 80 KB
27 KB 47ms
43ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 23:22:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sat, 09 Nov 2024 23:22:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 46C3 3 KB
1 KB 87ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 46C3 20 KB
8 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46C3 199 KB
63 KB 112ms
110ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:50 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F742 148 KB
50 KB 216ms
151ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU67SQAA_vYDogojAAydOQA2Nveyok847VmiBA&u=%7CgOzat7lD7VLpu0LwkC3czEyrsb0miUYi00qtNTS9DtM%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqArssQp8ietYBV6CyGQtzkwKXz9zanFgq6EFzdXc0NYZA6CccDAnFH0prRH17EX7bXVjT1s3UB3NEoaPVb0s-yw3rU0sgV5I4SsMUnzaDqapRG4cVH22anvpXGPcx-Y4S8DVvQe4g5xY7iBt3sTsB6yOpoYVvNNRO2ONIhshbvP1XqjjbM9vDm2MgRhlCAGgAekUxNn09lBSJ17HJ3Sh2y_hIYWAGhTPlOl-9FJTt2WSaPFfhH3yxSudbPU6ANO-kquB7i9Xhkz0q-pWX1B2WGy63jSFhnT8eeAX0Owh2rrqJyePuY88EgltkRTgL5DaoP7-0gK-BElo3ndEvQoesYzrstypABZkTMJkqYL3A-SU8t_meSM2X6ms5X6daqgjmux_FVhizncsB-LPpCEas368DAkHCPdCpYu2UJhf6o-bDeHHUxE5xRU0UoVpFQXnXCYL14z9BzemLbagM_dX85IiAp0kK-vvqwfQ298TbSdpAVcYdUJzdUKThx_nyzymvEGUX7kZcyJXPhPAjjmfdiFw2Q2HE7zu3eeBp-hBKDxB3KdoAK2x8qJXZlUie4njZ4FXZctdbdw1XdHptbDpjIzwwJmWn67vwM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC851MSbtOZfb9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEqAJP0CAh3i6AGlFBRi832QtMuOJL15UcULw_uiz72BIkv9Yb3J3seIPwqVN4eHR6O9pHYZo7fqhIvTmi4PN6tiTU1xQcSGUEn3w2n6ewx3IUXznP0k8ku2T36JcEnNy1hV1_LaCMcNtoK2AjLJEeloXm5EviJMBBGz9Mx2hZl4HpivnbUoG_1rnEFjPRjjEGeppqBtJODww6lFU734yRdTB-5-srbJF7rwzzXynuw9vXCcPj8wWErWF1yR0p6jtQUVxFy0hYuPTOU1j4g_AguC2gJ--6Mn5AnoJFkiqM5hiMOfFA4kuVHrDjqlRIEFtKksqaFWMLJHkREyn68O7H-FDDGBI-nLMSuFR7jrjQAoF0Mu6kIJJ8WGnKE3dsn8Oi0aiEHvhPHo116YAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ftPMGJq6Eapjd7W3EkZuAS4cfEg%26client%3Dca-pub-3569764300452713%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

911ea142e942c66ad04efb0035481c6201e797e24405738eff42d40940a5177d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oqZruVAviN6RyBFcrP2Cz3BhuHxXNBgBnlVNI1aUaYAToFNkdsDHKeDdWi5ucy_Hacn88oLfzyEZ8UdT9RJFiYADhYbVAH-MKiMDprxlVCj7saZ6Hk90zRxoRnZN82q15CApCq-1i9V8Jo-_6Bbjya2_no8hZOeqAoe1qBS0yHNfE8Kb3LaEtf2fo3TDZIzc1HHupZu243ijKdJxbJsCVKyNKF6NO6VzXHAmmogfyg1R0i0V3ADORprYFEWRV2pCPZZaXQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54539861
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 5951 3 KB
1 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 5951 20 KB
8 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5951 199 KB
63 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:50 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 67F7 180 KB
56 KB 138ms
90ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU67SQAA_vcDogojAAydOR7dGt8UpmK2VzXNgQ&u=%7CgOzat7lD7VJL0Bz7KgFZqBKuWMR6uEMjxXiKiWlwASo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869M7kUiaBR4FDk6ub6nid2DkvOHztF9HzI-x0Em6y7w2p66OEUkgM139I1ZxiyIs2Pe8HnwwoxpzFwr8mT04pddk8ELyCJDtzIbVAzljFa4lV7hkpx6uoSBuzuvaegXNlLklr8YFiYmD8nGwaXATbXZJHX0jqJ5pKszlTqC7JTORT_0Tem-tWty6DrUp7QJAvFdunBL6_lCmzbVw1YWgTGLyPDjKfQSSwzjjLIeis17xvPDTRbz8HzKOUNG7uixeu3pPaVvq7YAXgocDaUaFDma6PoOfBmLm3onEAqrXXUuN9XNLcQAo2E8UwD9oUsZOK79_BlLfkLknHNKdASswgaKREIDYyVCCGIn9GFUJsodaH2vrr3993BK94kW0ArC0Sbij80OPpesJ6IJ8eWhnQDr8QqKkr89xQH1W--F9Pj0ymUWWAh11KI9FuISjoei0WQRbguiWGChL3yoZc_rvNF9RMkZI--1w59YoW8r7fPDqhgLrg-K153UDOce7v64wzFC0fqx9wAnegop7EBRjrf3rPF2EB6ZNX3WS6_7UhjQGd-EZNm4aRjo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCij_nSbtOZff9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEqQJP0Mxx3oN0pxf_Uh6JQOjd43DNBlNsSkuveYhNXkziJzpB8LmrtxLeSLRG_ivXRpBeFZxneTcQWysOMEO1XTvkGtN2JCtyD_IayVmQ6trGeAgwgSLSTf3azKGsKU-phV_80YjS6GfsUF45QHkt-CHgSMkDLf5nEuyJO5s628ev8QNOgQHUs8KU8CIpOoJ0_xM9YkpvqAajph7C1OALZXZ9Dq4CAh3vPLjyRchet7I5UBqbWgxNewxiM1GyZ3Pc2KYgxCwUYj4aHm3AdFGJfjb4xiuGi9LWcbKja_CgYuWZn3p0kAXlaMAlTxgrNqBu1rQVNjdT9MM8k926SFPbQcnzpysqwokyPj5JVyLC2YTkmMbYW4A9SJ1PrJFeZ-tDvp5NyO5-2fh6VT-ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ATODEY7o9UXVGsj6Tup9awjfyeQ%26client%3Dca-pub-3569764300452713%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cdaf2a3d4b897bb3d1fa226fd8d5e56dfc4c304ac93fb4708bbe4d79becf0bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4gTLNFAviN6RyBFcFwOShnpR_4qI527IL8qdrkjQbFlmSYB_kukimB_F3w2YubVIcN6ladQSyiKuIbAjsf19ni7AJtu1IrHVJZXsLQ-d355Ba6A2l6Vi5LysWU7QNIictX5SlfrS5Jepu4y05n_ynn3AON0733SjVgYVuCtSL1VU783s1Z1oujDAuakbK_rOUq1INACeULIrGd88DFoYALN0r5olpMBwsb2mK7BCMuEyA-gK4c7122LXDB3VW2GwH4pZ_w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 50765644
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame F1DC 3 KB
1 KB 87ms
84ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 10:02:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame F1DC 20 KB
8 KB 80ms
77ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:02:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:02:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1DC 199 KB
63 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:22:50 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 196ms
117ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 10 Nov 2023 23:22:50 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ Frame 46C3 0
104 B 117ms
116ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 th
www.bing.com/ Frame 46C3 15 KB
15 KB 35ms
34ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215953420558_1NGNQ4GTNLBIHR3U8W&pid=21.2&c=16&roil=0.2383&roit=0&roir=0.7617&roib=1&w=180&h=180&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f505ad6cf5f25a0944fb5587f37f4a5ee75806ad6b5e1576bb46324f7675a59e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1699658570.3e4aacdd
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 15243
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 46C3 0
532 B 36ms
35ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: 3c653885-4ce9-4168-a474-817194b789ef
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F1DC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b26967f18b1665ae4c96c385f7109ce83cf784b5b769a3f67284f44faff02f20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 67F7 2 KB
1 KB 94ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU67SQAA_vcDogojAAydOR7dGt8UpmK2VzXNgQ&u=%7CgOzat7lD7VJL0Bz7KgFZqBKuWMR6uEMjxXiKiWlwASo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869M7kUiaBR4FDk6ub6nid2DkvOHztF9HzI-x0Em6y7w2p66OEUkgM139I1ZxiyIs2Pe8HnwwoxpzFwr8mT04pddk8ELyCJDtzIbVAzljFa4lV7hkpx6uoSBuzuvaegXNlLklr8YFiYmD8nGwaXATbXZJHX0jqJ5pKszlTqC7JTORT_0Tem-tWty6DrUp7QJAvFdunBL6_lCmzbVw1YWgTGLyPDjKfQSSwzjjLIeis17xvPDTRbz8HzKOUNG7uixeu3pPaVvq7YAXgocDaUaFDma6PoOfBmLm3onEAqrXXUuN9XNLcQAo2E8UwD9oUsZOK79_BlLfkLknHNKdASswgaKREIDYyVCCGIn9GFUJsodaH2vrr3993BK94kW0ArC0Sbij80OPpesJ6IJ8eWhnQDr8QqKkr89xQH1W--F9Pj0ymUWWAh11KI9FuISjoei0WQRbguiWGChL3yoZc_rvNF9RMkZI--1w59YoW8r7fPDqhgLrg-K153UDOce7v64wzFC0fqx9wAnegop7EBRjrf3rPF2EB6ZNX3WS6_7UhjQGd-EZNm4aRjo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCij_nSbtOZff9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEqQJP0Mxx3oN0pxf_Uh6JQOjd43DNBlNsSkuveYhNXkziJzpB8LmrtxLeSLRG_ivXRpBeFZxneTcQWysOMEO1XTvkGtN2JCtyD_IayVmQ6trGeAgwgSLSTf3azKGsKU-phV_80YjS6GfsUF45QHkt-CHgSMkDLf5nEuyJO5s628ev8QNOgQHUs8KU8CIpOoJ0_xM9YkpvqAajph7C1OALZXZ9Dq4CAh3vPLjyRchet7I5UBqbWgxNewxiM1GyZ3Pc2KYgxCwUYj4aHm3AdFGJfjb4xiuGi9LWcbKja_CgYuWZn3p0kAXlaMAlTxgrNqBu1rQVNjdT9MM8k926SFPbQcnzpysqwokyPj5JVyLC2YTkmMbYW4A9SJ1PrJFeZ-tDvp5NyO5-2fh6VT-ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ATODEY7o9UXVGsj6Tup9awjfyeQ%26client%3Dca-pub-3569764300452713%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 67F7 2 KB
1 KB 95ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 67F7 308 B
636 B 52ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 67F7 293 B
621 B 53ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 67F7 43 B
348 B 97ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1-7hmnsnO68UYrYiDu2RaQt1qcxIhmXzIbDAWfPSiofUTST_4P-Z4pnUUl9QubvK1C7847krcZXPOwRJaelwhIa6CukCyrh7B_3sWvZkHxbi7PW7XCnbCW_nuBERA8Uo72jOSVgRDylUUsfRXMndCekgqLUbXf9EF2x00_7Y9wJ8-miNitl6JDlcY52_ItrvrVB040E_zgOUj-eexhRSO6eoSYiuAWvCFrnsLvPdKtQdIMFEzywVddBCPLZz_STYHciRgluU933EMdWz8gKaWsOCEPII1bMlFxfmO5Z1oHZl0PRsSM24zeA5crCDJbb0X2L5YB2zj9s9f252vN7c8sb0FT01sUojfHvifxawjPgEMnTst5pGrUnYC-WEak6xw15MB-mkoKSqxi-YgvpE-lbdiXEEzFjabXwYGZgittU_DQM5kx7n6zlmpDFPFLni5kugeA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1695989
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 67F7 12 KB
5 KB 68ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1458012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlrq5L9xDTBgGOOU%2FGZejHXqHt0zzcF2IcQmqRvLcnnNeEFyb%2BEiAXizoI2b52zPDopbqxbZULtLH7x7%2BUOIz4773AOEssahJXKbaUsZVSjtfU3TMaYww%2BKMV%2F%2FE3n01ilMW7jQWuGOMNU%2BieULcBF37"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82420a32cf174528-TXL
expires: Wed, 30 Oct 2024 23:22:50 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 67F7 38 KB
38 KB 136ms
74ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 67F7 46 KB
46 KB 123ms
61ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F742 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZU67SQAA_vYDogojAAydOQA2Nveyok847VmiBA&u=%7CgOzat7lD7VLpu0LwkC3czEyrsb0miUYi00qtNTS9DtM%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqArssQp8ietYBV6CyGQtzkwKXz9zanFgq6EFzdXc0NYZA6CccDAnFH0prRH17EX7bXVjT1s3UB3NEoaPVb0s-yw3rU0sgV5I4SsMUnzaDqapRG4cVH22anvpXGPcx-Y4S8DVvQe4g5xY7iBt3sTsB6yOpoYVvNNRO2ONIhshbvP1XqjjbM9vDm2MgRhlCAGgAekUxNn09lBSJ17HJ3Sh2y_hIYWAGhTPlOl-9FJTt2WSaPFfhH3yxSudbPU6ANO-kquB7i9Xhkz0q-pWX1B2WGy63jSFhnT8eeAX0Owh2rrqJyePuY88EgltkRTgL5DaoP7-0gK-BElo3ndEvQoesYzrstypABZkTMJkqYL3A-SU8t_meSM2X6ms5X6daqgjmux_FVhizncsB-LPpCEas368DAkHCPdCpYu2UJhf6o-bDeHHUxE5xRU0UoVpFQXnXCYL14z9BzemLbagM_dX85IiAp0kK-vvqwfQ298TbSdpAVcYdUJzdUKThx_nyzymvEGUX7kZcyJXPhPAjjmfdiFw2Q2HE7zu3eeBp-hBKDxB3KdoAK2x8qJXZlUie4njZ4FXZctdbdw1XdHptbDpjIzwwJmWn67vwM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC851MSbtOZfb9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEqAJP0CAh3i6AGlFBRi832QtMuOJL15UcULw_uiz72BIkv9Yb3J3seIPwqVN4eHR6O9pHYZo7fqhIvTmi4PN6tiTU1xQcSGUEn3w2n6ewx3IUXznP0k8ku2T36JcEnNy1hV1_LaCMcNtoK2AjLJEeloXm5EviJMBBGz9Mx2hZl4HpivnbUoG_1rnEFjPRjjEGeppqBtJODww6lFU734yRdTB-5-srbJF7rwzzXynuw9vXCcPj8wWErWF1yR0p6jtQUVxFy0hYuPTOU1j4g_AguC2gJ--6Mn5AnoJFkiqM5hiMOfFA4kuVHrDjqlRIEFtKksqaFWMLJHkREyn68O7H-FDDGBI-nLMSuFR7jrjQAoF0Mu6kIJJ8WGnKE3dsn8Oi0aiEHvhPHo116YAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0ftPMGJq6Eapjd7W3EkZuAS4cfEg%26client%3Dca-pub-3569764300452713%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F742 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F742 308 B
636 B 31ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F742 293 B
621 B 30ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F742 43 B
347 B 34ms
33ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=N9h0AlpK7UNOzZVT8RZfYtdX4rBgdD7NDJQd4Ye290qXGxiBEYLZiBqlMZ1JkuDP0iYu7dktCF7sOsfho0BVXRDIR88T_O2Cc6zRNeRdsrAtiuGxZIvrIH4iMZG7j2IEDSBcWcjQQQ5dBfeE47YLeMKqRuz8cHTEXhMvBgIKFbJ_B_hwGuEPFS3lUrb3FUEyACexBCytm-g5dg2UQIUV8s3g3kVaoNSzmtxK9m593fjyb8QxObsYFm_qEDc4wvc2CKfWTSKHCR4ZkrjC7cKELlAC7A0_z9yFnpjFjueng53FYaqRLC3AUSLwFx-PvLyL-DKR3dEUNUh8xXAkdFFX4NIsAWkb4bvu2pulcssud6lDxwzml9lbQ8KyUCt0RSMqB9QuXdhNdM3LmQ5MGu95XNuJgTV_TyWYBAx-eIXWdtprOeC-G--MmOLYPe_lDIFHQtw0IQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1529554
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 67F7 12 KB
6 KB 34ms
34ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 4 KB
4 KB 189ms
117ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&rid=4&s=I-NWNHuipLIqog3zV6XJrMog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

59d8b805b12d336d283666c0148287dfd4238f893d5ed7364ac9b542eb160853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3824
expires: Sun, 13 Oct 2024 03:35:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 48 KB
49 KB 126ms
54ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5026695%2Fda39fa951a3b472e81e4d9a7afddef5b_img_horizontal_3.jpg&v=3&w=1200&rid=4&s=IonQ0Rz4GxdUOn3snvG4mxnz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 49616
expires: Mon, 07 Oct 2024 08:40:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 12 KB
12 KB 143ms
72ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1623395397%2F21133182-sdlfOUnM.jpg&v=3&w=400&rid=4&s=SAXaJ3LQXb-aVlCF34BAd7v-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 12440
expires: Thu, 16 Nov 2023 18:44:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 25 KB
25 KB 178ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691503437%2F23080689-V06wiP9U.jpg&v=3&w=400&rid=4&s=5tMUJ0kNdtP8Hjj4gp7Z7y7B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

491cc9c8d8c7ea04f87cf74529a6158820ae8cd6a50bf10ed72b56fa4b87ff28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 25276
expires: Fri, 17 Nov 2023 06:58:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 8 KB
8 KB 182ms
111ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1631261073%2F21131370-sy1cMEdN.jpg&v=3&w=400&rid=4&s=dWGofL69-kr6XWXmBzWpfqeS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 8172
expires: Thu, 16 Nov 2023 18:23:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 16 KB
16 KB 168ms
98ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1668003985%2F22233713-0j3vpUOc.jpg&v=3&w=400&rid=4&s=VVIxQd57fCexHTxepVLKko1M&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6f631ec2129dc1f88e7be27d9be44a7b02bb927ea02588119d00043eec30bd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 16020
expires: Thu, 16 Nov 2023 08:09:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 33 KB
34 KB 89ms
88ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695016291%2F23171059-aOiRi5CY.jpg&v=3&w=400&rid=4&s=ri3wLtQFHgbMux_4a-1CWYVd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9fb0f19047d5031d84e90bcc9240b94d90e4778a85a277addc6ace25f8db51dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 34194
expires: Fri, 17 Nov 2023 07:01:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 38 KB
38 KB 108ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691503484%2F23081352-q3aGkC9s.jpg&v=3&w=400&rid=4&s=vOiXU4npjeqHgoDwj4zc8Cq6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67d40077f9fd8abcaec0737a94fc4398135b3c6600e674e9698c73bfc4df9ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 38418
expires: Fri, 17 Nov 2023 06:47:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 10 KB
10 KB 96ms
95ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1660225633%2F22167963-8wWIhwnO.jpg&v=3&w=400&rid=4&s=Ttd1nTPwNQMKCxinKQBKT_Wi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

328bb96999971ad6cf3fc46e8dcbbcf7acc33ebadda0995a28ec60de4acca7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 10396
expires: Tue, 14 Nov 2023 06:55:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 17 KB
17 KB 105ms
104ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1603828707%2F20186117-dwPqQrB3.jpg&v=3&w=400&rid=4&s=dvA7qMmODof8vVBZK2HVN_Vj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b21e1c9b2a8b87f891b14e5a6d4290445d6436899666e1cae20de18f5bd7a473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 17100
expires: Thu, 16 Nov 2023 07:59:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 10 KB
10 KB 106ms
105ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663167346%2F22190927-LDWALrW1.jpg&v=3&w=400&rid=4&s=5R8Xsv0nS_gGs5XIoUqaWcZm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

406cb9d8b78a968f2df0ee2709c42c3fe3baf4a0394e9f37c4ca0ad2ef5cb21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 9782
expires: Thu, 16 Nov 2023 05:42:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 16 KB
16 KB 126ms
125ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1690454035%2F23134753-DKOqmGi8.jpg&v=3&w=400&rid=4&s=oO_UHZO0nLjsB-AYkpBmcyCl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9cd3dbbe7d1b3d330643a24342913c036a6471ab3e7e0bd2dc81bfb309fe22ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 16266
expires: Tue, 14 Nov 2023 09:45:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 11 KB
11 KB 125ms
124ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1686129026%2F23101048-dbt58lpU.jpg&v=3&w=400&rid=4&s=o7TlplUBOq5VUUYa8EE7nriZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f852588c55400547070bfda78328d09d890a73fd8ff84320e43e68f4a3f90554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 11500
expires: Fri, 17 Nov 2023 07:38:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 7 KB
7 KB 111ms
111ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1683706006%2F23076239-TZ2LJp4l.jpg&v=3&w=400&rid=4&s=YJ5E5POin0o_jszka7yO6pe5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14a1d9d751c0c899ca5910e555cf031cbb96a57375d1f257856fa8548eec2c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 6906
expires: Sat, 11 Nov 2023 15:03:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 67F7 0
128 B 99ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=4gTLNFAviN6RyBFcFwOShnpR_4qI527IL8qdrkjQbFlmSYB_kukimB_F3w2YubVIcN6ladQSyiKuIbAjsf19ni7AJtu1IrHVJZXsLQ-d355Ba6A2l6Vi5LysWU7QNIictX5SlfrS5Jepu4y05n_ynn3AON0733SjVgYVuCtSL1VU783s1Z1oujDAuakbK_rOUq1INACeULIrGd88DFoYALN0r5olpMBwsb2mK7BCMuEyA-gK4c7122LXDB3VW2GwH4pZ_w&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 67F7 2 KB
1 KB 32ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 67F7 2 KB
1 KB 33ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 9FE3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe43f27e-8017-4e53-b192-0719016dbaa9&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=20f9a708-bbb8-4627...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=71a4a1c81d1a4e30ab0687660b8e23ab&tids=15000&med=10

0
18 B

71ms
71ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=71a4a1c81d1a4e30ab0687660b8e23ab&tids=15000&med=10
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07F0E0049E7744BD8012E4A3B73E66DD Ref B: FRAEDGE1313 Ref C: 2023-11-10T23:22:50Z
x-cdn-traceid: 0.92a12417.1699658570.3e4ab22a
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 10 Nov 2023 23:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 799A28D933CF4A29A4E6B204137CB698 Ref B: FRAEDGE1806 Ref C: 2023-11-10T23:22:50Z
x-cdn-traceid: 0.92a12417.1699658570.3e4ab098
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=71a4a1c81d1a4e30ab0687660b8e23ab&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame D5D7
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=45598a5d-32c2-46e2-bb0a-468e00254962&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=48a02ce4-5cee-460c...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6a8e02f3333f452db87f575022e0ada5&tids=15000&med=10

0
18 B

73ms
72ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6a8e02f3333f452db87f575022e0ada5&tids=15000&med=10
Requested by: Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C72FB5B87A9F493FA0B344A74B5514AE Ref B: FRA31EDGE0209 Ref C: 2023-11-10T23:22:50Z
x-cdn-traceid: 0.92a12417.1699658570.3e4ab21f
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 10 Nov 2023 23:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 172A8F07EF0B4787A394C8F7A24B458A Ref B: FRA31EDGE0208 Ref C: 2023-11-10T23:22:50Z
x-cdn-traceid: 0.92a12417.1699658570.3e4ab0a2
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6a8e02f3333f452db87f575022e0ada5&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 46C3 0
557 B 34ms
33ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLWB-jWAwAAAwDWAAUBCMn2uqoGEJX6_LOj75OhYxgAKjYJdjQugvmnrz8RgGPLrmjQrj8ZAAAAYD0Ktz8hgA0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47fMFgAEBigEDVVNEkgUG8E-YAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8FIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDmwMKsQJodBlo8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04ZjZlMmE5Ny1jYTYyLTQxY2QtYThkYy04NzdiNTVkMWU0MWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTczNjgyMDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9FMBdHFjZWNuZmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MTUyMzY2NTQ0NTM2NjgxNzQ5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56STBPVGt6T0RFeE1ERTFOVGNqTWpNeU5ESTVPRGcyTWpBek9UY3dOdz09wAPYBMgDANgD3OQ14AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFk8PTsY7poPJLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFheQD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNCREpAbEM2gcGCAUJpOAHAOoHAggA8AeZNooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=fc68677d79797e17a8b317bc772c6252b09ef208&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=6118574091178356970&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7368202&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: b6893efa-7869-4d2e-80b5-fb7f64fe96c3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F742 12 KB
5 KB 27ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1458012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90WvI%2Fc4FWk%2FfSBw%2BNsoAf00246w%2B1k81XQW4aVTAvss23a5iHAyJZUSUbqCCTwv69T6DnbixRIRBu4n7G5u7N%2Bt2UEG6XaRda7ITbFR%2Fpa1UCsD1PoEM9y%2BjnlS%2Ffow8s6GT5HGA7cQ0G4bTZzVlnRr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82420a33b8c54528-TXL
expires: Wed, 30 Oct 2024 23:22:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F742 12 KB
6 KB 34ms
33ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F742 0
127 B 31ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=oqZruVAviN6RyBFcrP2Cz3BhuHxXNBgBnlVNI1aUaYAToFNkdsDHKeDdWi5ucy_Hacn88oLfzyEZ8UdT9RJFiYADhYbVAH-MKiMDprxlVCj7saZ6Hk90zRxoRnZN82q15CApCq-1i9V8Jo-_6Bbjya2_no8hZOeqAoe1qBS0yHNfE8Kb3LaEtf2fo3TDZIzc1HHupZu243ijKdJxbJsCVKyNKF6NO6VzXHAmmogfyg1R0i0V3ADORprYFEWRV2pCPZZaXQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F742 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F742 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
DATA 200
OK truncated
/ Frame 46C3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ee91a23adabd14c94f35e775085f9351d4e0813aee890515c139aff89792d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 46C3 0
19 B 126ms
125ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6fi-SbtOZfX9A6OUiM0PubqygAvS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqAMByAMCqgShAk_QA90VprbmGWWA2oTk0xVpd8WPgTwPTzWhzl4iWJmYWmiGtccni-aUCrCDoS6vu1KYwFN7waLTkcRmELfzZ5MqlwKHmIZbp1j9earZsXUBkxOGxPSPne4RIhPwGXBtSBGe4fQkeNmUoSt4rEEs75laAEUgsz0iBD43XvT8HL0sbuZIh9VFiiFNOBRkFbzDevkRmDafkyBhR2WlWJ6qtfzeni3rYZ0YWaHivc0VK3FA9sy7xF5VNWiCKaAeuf_S7WTJdv8xMjthP-3SMwgjXjoTjErimK81UdNbza7aYuQ0ljPS5UlOdUHqczPtgy_gLKQD0J4r6GzD45D-YalJL9sQdbCpOH_XpVU450tfMz4zWp-h0NDHg0eLFob1jbMjxe-ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU2OTc2NDMwMDQ1MjcxMxgA&sigh=RuxoMjrKnJQ&uach_m=[UACH]&cid=CAQSTgDICaaNXu-JeCqBMnbgc3v9Mk_vMmT5uxt-x1bxAP9yez-NTIUtcH5QIw0kNurm4Hwdet8373panvNrqUodlMrvOlCvxKKM6-aRSEPMzhgB&cbvp=2&vis=1

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 23:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 46C3 0
532 B 38ms
38ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLWB-jWAwAAAwDWAAUBCMn2uqoGEJX6_LOj75OhYxgAKjYJdjQugvmnrz8RgGPLrmjQrj8ZAAAAYD0Ktz8hgA0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47fMFgAEBigEDVVNEkgUG8E-YAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8FIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDmwMKsQJodBlo8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04ZjZlMmE5Ny1jYTYyLTQxY2QtYThkYy04NzdiNTVkMWU0MWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTczNjgyMDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9FMBdHFjZWNuZmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MTUyMzY2NTQ0NTM2NjgxNzQ5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56STBPVGt6T0RFeE1ERTFOVGNqTWpNeU5ESTVPRGcyTWpBek9UY3dOdz09wAPYBMgDANgD3OQ14AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFk8PTsY7poPJLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFheQD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNCREpAbEM2gcGCAUJpOAHAOoHAggA8AeZNooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=fc68677d79797e17a8b317bc772c6252b09ef208&pp=ZU67SQAA_vUDogojAAydOVn1cxmBhyFbM5w0dA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_OL1SbtOZfX9A6OUiM0PubqygAvS4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqAMByAMCqgSkAk_QA90VprbmGWWA2oTk0xVpd8WPgTwPTzWhzl4iWJmYWmiGtccni-aUCrCDoS6vu1KYwFN7waLTkcRmELfzZ5MqlwKHmIZbp1j9earZsXUBkxOGxPSPne4RIhPwGXBtSBGe4fQkeNmUoSt4rEEs75laAEUgsz0iBD43XvT8HL0sbuZIh9VFiiFNOBRkFbzDevkRmDafkyBhR2WlWJ6qtfzeni3rYZ0YWaHivc0VK3FA9sy7xF5VNWiCKaAeuf_S7WTJdv8xMjthP-3SMwgjXjoTjErimK81UdNbza7aYuQ0ljPS5UlOdUHqczPtgy_gLKQD0J4r6GzD45D-I6tovRm0j909wgtiOwy8UU98Obo6dId4claeB_sLPKrtTTLBqHtQh8iABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xvRPj3o9q5c1vNBPxp8ypr-sjJg%26client%3Dca-pub-3569764300452713%26adurl%3D&cbvp=2

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:50 GMT
an-x-request-uuid: abe0eb53-6caa-4a4c-95a3-a8ed5d148f2e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame F742 46 KB
46 KB 36ms
35ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:50 GMT

GET
DATA 200
OK truncated
/ Frame 5951 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4108a52e40bdee9a946101a92eafea6d1962c8907858195c5d01b4a836e50e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame F742 38 KB
38 KB 36ms
36ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 04 Nov 2024 23:22:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 8 KB
8 KB 33ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 8172
expires: Thu, 16 Nov 2023 18:23:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 12 KB
12 KB 32ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 12440
expires: Thu, 16 Nov 2023 18:44:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 38 KB
38 KB 33ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691503484%2F23081352-q3aGkC9s.jpg&v=3&w=400&rid=4&s=vOiXU4npjeqHgoDwj4zc8Cq6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67d40077f9fd8abcaec0737a94fc4398135b3c6600e674e9698c73bfc4df9ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 38418
expires: Fri, 17 Nov 2023 06:47:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 6 KB
6 KB 36ms
36ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=396&rid=4&s=79HJ3OsGOF1uqBIhc-01OzJw

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6100
expires: Sun, 13 Oct 2024 03:35:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 103 KB
103 KB 38ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5026674%2Ffcc7ea400975497ebf0bddbdc3c9cf4b_img_vertical_1.jpg&v=3&w=1200&rid=4&s=RuGkzgfpDVogXuv7VfwNqw0p

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84e29cef33ff5cd2e45730c3b9329bd5370fe08464d52b4bb0efd1c4e4f5e4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 105200
expires: Mon, 07 Oct 2024 08:20:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 67F7 38 KB
38 KB 35ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691503484%2F23081352-q3aGkC9s.jpg&v=3&w=400&rid=4&s=vOiXU4npjeqHgoDwj4zc8Cq6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67d40077f9fd8abcaec0737a94fc4398135b3c6600e674e9698c73bfc4df9ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 38418
expires: Fri, 17 Nov 2023 06:47:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5951 0
19 B 125ms
124ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwCCwSbtOZfb9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEpQJP0CAh3i6AGlFBRi832QtMuOJL15UcULw_uiz72BIkv9Yb3J3seIPwqVN4eHR6O9pHYZo7fqhIvTmi4PN6tiTU1xQcSGUEn3w2n6ewx3IUXznP0k8ku2T36JcEnNy1hV1_LaCMcNtoK2AjLJEeloXm5EviJMBBGz9Mx2hZl4HpivnbUoG_1rnEFjPRjjEGeppqBtJODww6lFU734yRdTB-5-srbJF7rwzzXynuw9vXCcPj8wWErWF1yR0p6jtQUVxFy0hYuPTOU1j4g_AguC2gJ--6Mn5AnoJFkiqM5hiMOfFA4kuVHrDjqlRIEFtKksqaFWMLJHkREyn68O7H-FCBGjOsHCDChfKrqWJcImjQPMmulphSQOt-20rKbXy8_bAc1Gxv94AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNTY5NzY0MzAwNDUyNzEzGAA&sigh=qeZjRKrrSq0&uach_m=[UACH]&cid=CAQSTgDICaaNXu-JeCqBMnbgc3v9Mk_vMmT5uxt-x1bxAP9yez-NTIUtcH5QIw0kNurm4Hwdet8373panvNrqUodlMrvOlCvxKKM6-aRSEPMzhgB&cbvp=2&vis=1

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 23:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 5951 0
126 B 208ms
31ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RMgB2ASdg2ICAgAAAKN1HnlZCMhbEEi7TmUgVsZtPUAKo7E4AAASAAAKCkFRVURBUUVCQVE&wp=ZU67SQAA_vYDogojAAydOQA2Nveyok847VmiBA&cbvp=2

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 172555
server: Kestrel
content-length: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 12 KB
12 KB 32ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 12440
expires: Thu, 16 Nov 2023 18:44:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 8 KB
8 KB 32ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 8172
expires: Thu, 16 Nov 2023 18:23:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 38 KB
38 KB 34ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691503484%2F23081352-q3aGkC9s.jpg&v=3&w=400&rid=4&s=vOiXU4npjeqHgoDwj4zc8Cq6&b=400

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67d40077f9fd8abcaec0737a94fc4398135b3c6600e674e9698c73bfc4df9ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 38418
expires: Fri, 17 Nov 2023 06:47:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 6 KB
6 KB 32ms
31ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6100
expires: Sun, 13 Oct 2024 03:35:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F742 103 KB
103 KB 44ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.guis.com.br
URL: https://www.guis.com.br/438891/locutor-vinhetas-comerciais-gravacao-de-propagandas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84e29cef33ff5cd2e45730c3b9329bd5370fe08464d52b4bb0efd1c4e4f5e4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 105200
expires: Mon, 07 Oct 2024 08:20:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F1DC 0
19 B 121ms
120ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzfUTSbtOZff9A6OUiM0PubqygAvJntKxXMWMi-CaAcCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zNTY5NzY0MzAwNDUyNzEzyAEJqQKGYtvR7OqxPqgDAcgDAqoEpgJP0Mxx3oN0pxf_Uh6JQOjd43DNBlNsSkuveYhNXkziJzpB8LmrtxLeSLRG_ivXRpBeFZxneTcQWysOMEO1XTvkGtN2JCtyD_IayVmQ6trGeAgwgSLSTf3azKGsKU-phV_80YjS6GfsUF45QHkt-CHgSMkDLf5nEuyJO5s628ev8QNOgQHUs8KU8CIpOoJ0_xM9YkpvqAajph7C1OALZXZ9Dq4CAh3vPLjyRchet7I5UBqbWgxNewxiM1GyZ3Pc2KYgxCwUYj4aHm3AdFGJfjb4xiuGi9LWcbKja_CgYuWZn3p0kAXlaMAlTxgrNqBu1rQVNjdT9MM8k926SFPbQcnz5SkLUAmh7gPvhwUYVaQNPMj_UTY3ZoXNGFljwRn8oLJVUCTq-RGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU2OTc2NDMwMDQ1MjcxMxgA&sigh=Z49YcYOxODc&uach_m=[UACH]&cid=CAQSTgDICaaNXu-JeCqBMnbgc3v9Mk_vMmT5uxt-x1bxAP9yez-NTIUtcH5QIw0kNurm4Hwdet8373panvNrqUodlMrvOlCvxKKM6-aRSEPMzhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 23:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame F1DC 0
125 B 173ms
31ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAAo3UeeVkIyFsQSLtOZfRjleZlsPOCZS8AABIAAAoKQVFVQkFRRUJBUQ&wp=ZU67SQAA_vcDogojAAydOR7dGt8UpmK2VzXNgQ&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:51 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 179466
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5D7 42 B
64 B 275ms
114ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvyVqI4RMk_ayafhXfDLNam7Ok5Eb_5fY6M6O6fVgDAVNkinUfAPdEWZEd4pziSA0_qfmtyEGzn0LUdzRI1cRAmy6ySBZHQsEljuV3zeBgFx_RaUwkzA&sig=Cg0ArKJSzKXS_NNEXGUXEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4061719698&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699658568934&rpt=1162&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame D5D7 0
557 B 41ms
41ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLlB-jlAwAAAwDWAAUBCMn2uqoGEIbswum76rCVCRgAKjYJygXgbIRnmT8RBmPwEoa6mD8ZAAAAYD0Ktz8hBg0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR42PUFgAEBigEDVVNEkgUG8EmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gENMS1ndWlzLmNvbS5ictgC8AbgAqKoMeoCUmh0dHBzOi8vd3d3Lh0j8MIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDrAMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD00OGEwMmNlNC01Y2VlLTQ2MGMtOGVlZS1kZTllZWU5YjZhYTgmYmlkSWQ9MTUwMDABDFhkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZC5cABhwdWJsaXNoBSkkMTYyNjQ1MzMwJgU3BDhhhnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzM2ODIwMiZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8NBfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI2NjA1NTUwNTk3ODY5ODcwMTQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJeU9UTXlNekl3TnprMU16Z2pNak15TkRBNU1qY3dNemM0TmpFMk9RPT3AA9gEyAMA2APc5DXgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBEW4WIgFAZgFAKAF6NXjy8Px4rxYwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AXPSfoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9j1BdIHDRVkASYI2gcGAV6sGADgBwDqBwIIAPAHmTaKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7a4d917eb255d1a5eba6fdab2330703d6c0649ed&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=6118574091178356970&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7368202&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
an-x-request-uuid: 739be54a-dc21-4694-bb3f-ae398b879336
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FE3 42 B
64 B 179ms
112ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_D7GWN0FVIWpXkM7iSYv3rscz_JHclVmhV7gj7JC9IslGT-YURegiHMGk5NZJ5Bj8OZv6jCo5KW6bYw6_vtPJzGMGingiTg-QQU5-ABBh-7g-96GMFQ&sig=Cg0ArKJSzBMJskeyuuXTEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3651661018&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699658568921&rpt=1268&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 9FE3 0
556 B 47ms
46ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLVB-jVAwAAAwDWAAUBCMn2uqoGEK7Ij7i3t8v3HRgAKjYJ5Kv2aggtlz8RnvxM1jaPlj8ZAAAAYD0Ktz8hng0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4v_UFgAEBigEDVVNEkgUG8E-YAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8FIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDmgMKsAJodBlo8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yMGY5YTcwOC1iYmI4LTQ2MjctODcxYy1hN2JmZDNhYTNkMWYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AMo5xALhydHlwZT1udXJsJnRhZ0lkPTczNjgyMDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzIxNTY5OTMwMjk3MTI2MzQ5MjYiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RRek1Ua3pOREF5TmpjME1qVWpNak16TmpFeE9EWXhNakUwTlRBd09RPT3AA9gEyAMA2APc5DXgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWcrb_Mza3yun_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAARPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHv_UF0gcNCREoASYM2gcGCAUJpOAHAOoHAggA8AeZNooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=4d85494a75c461dc7440163c0d3c3429e7501c83&type=pv&jm=1003&px=0&py=0&bw=160&bh=160&sf=1&sid=6118574091178356970&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7368202&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
an-x-request-uuid: 1877b84e-6e57-4a72-b894-cb8246680df7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 164ms
123ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdaf8680d9eb225df5abc9b2f7cd69993248dd5d6c6a535b0b0744fb917fabcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12204
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 23:22:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DAA 13 KB
5 KB 74ms
72ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 20:36:05 GMT
expires: Sat, 09 Nov 2024 20:36:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1610 829 B
1 KB 256ms
88ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65c4f00a81d44d2d77ce75858082e4aba2cb937f4682f9f1a56c3c82d5ec1fa4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NrxgPhwDLRxDCslV01VHCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NrxgPhwDLRxDCslV01VHCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 23:22:51 GMT
expires: Fri, 10 Nov 2023 23:22:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DAA 39 KB
15 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 19:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 19:58:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1DC 42 B
64 B 112ms
111ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsum9lkS2Jpb_OQVj9GAkJFprl_dD1DRWfMpGBOu-NAapig36-L6qaaLKYnH0OU1sDrNDrPlQXA7RI3yTWTdnQSGaNByDn2htCgerN0qYRZSTNsDW059kA&sig=Cg0ArKJSzEfH0z-xsBItEAE&id=lidar2&mcvt=1009&p=0,0,124,1005&mtos=264,915,1009,1146,1146&tos=264,651,94,137,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699658570254&rpt=372&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1DAA 0
10 B 72ms
72ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gEhUOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 23:22:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1610 0
0 109ms
108ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=3326864121130363&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 67F7 0
127 B 32ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 23:22:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 46C3 0
556 B 33ms
33ms Ping
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.guis.com.br%2F438891%2Flocutor-vinhetas-comerciais-gravacao-de-propagandas&e=wqT_3QLWB-jWAwAAAwDWAAUBCMn2uqoGEJX6_LOj75OhYxgAKjYJdjQugvmnrz8RgGPLrmjQrj8ZAAAAYD0Ktz8hgA0SACkRJNAxAAAA4FG4nj8witzBAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR47fMFgAEBigEDVVNEkgUG8E-YAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDTEtZ3Vpcy5jb20uYnLYAvAG4AKiqDHqAlJodHRwczovL3d3dy5ndWlzLgkj8FIvNDM4ODkxL2xvY3V0b3ItdmluaGV0YXMtY29tZXJjaWFpcy1ncmF2YWNhby1kZS1wcm9wYWdhbmRhc4ADAIgDAZADAJgDCaADAaoDmwMKsQJodBlo8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04ZjZlMmE5Ny1jYTYyLTQxY2QtYThkYy04NzdiNTVkMWU0MWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOI5xALhydHlwZT1udXJsJnRhZ0lkPTczNjgyMDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9FMBdHFjZWNuZmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MTUyMzY2NTQ0NTM2NjgxNzQ5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56STBPVGt6T0RFeE1ERTFOVGNqTWpNeU5ESTVPRGcyTWpBek9UY3dOdz09wAPYBMgDANgD3OQ14AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFk8PTsY7poPJLwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFheQD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgH7fMF0gcNCREpAbEM2gcGCAUJpOAHAOoHAggA8AeZNooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=fc68677d79797e17a8b317bc772c6252b09ef208&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=6118574091178356970&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7368202&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
an-x-request-uuid: 2b430148-e439-4879-b43a-cdabc5e6502b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 193.32.248.228; 193.32.248.228; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 46C3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=838df3f2-4816-4bcd-a887-e93b3a7401a5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=8f6e2a97-ca62-41cd...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd99d0d9a81d49488ebd7109fae61703&tids=15000&med=10

0
18 B

76ms
76ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd99d0d9a81d49488ebd7109fae61703&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FAE3182D522474CABD63E47148E586E Ref B: DUS30EDGE0907 Ref C: 2023-11-10T23:22:52Z
x-cdn-traceid: 0.92a12417.1699658571.3e4ac0c5
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 10 Nov 2023 23:22:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 101AF10006C3450487E1A813438B6443 Ref B: FRA31EDGE0816 Ref C: 2023-11-10T23:22:51Z
x-cdn-traceid: 0.92a12417.1699658571.3e4abfdf
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd99d0d9a81d49488ebd7109fae61703&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46C3 42 B
64 B 112ms
112ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv65kMPFOwf8zTYxXQZ-QYBUTqlTmWNiLDq2guvMmLsZaBOIOPf_HGdZU7JndbDf0bRMDFsxF1RqHHQjKKOGwdT_gYjAGuWniQkX8gqeZrU9r5JOSdYJA&sig=Cg0ArKJSzN36mkHQOCRpEAE&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699658570350&rpt=356&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F742 0
127 B 31ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Nov 2023 23:22:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5951 42 B
64 B 112ms
112ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRftnaj0fBTLXc3OWibZdqV01-jZM_iOjZPlcgdumckIiAk4Q4qyOvdcvoZ-CZEoG8ItkKDYUwuhuswFiJjxnoALyZlx8r8P-Lv_CIudeKpFYFok-hZw&sig=Cg0ArKJSzIXJgY0unnPOEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699658570252&rpt=336&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 23:22:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 112ms
112ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=3326864121130363&bg=!IiGlIW7NAAZxrfrxUa07ADQBe5WfON-3XltsLukWgcctFwJJOF6dA3oOFz3jm1FBSRdUMpHQ1nPrW5bvOjPc93Np5grZAgAAAFFSAAAAB2gBBwoAgM7z3nGHebQV9IBK4O7o2Qo5lA91nBNStirQd0MiIakRkSkf7EHAo47xqfwaCby0pbnJSvuJI57I4fAeltBvYZ8aDrIyVSNRKcffatjNeGrV2rj5P03JENh5igkza_mPQg9zWbk2Y89bE5URBOuWBYB2mNCwrjROzfvIX9TbiNfImQK3pLO14lGc6MKiwRzCQehxCAtBWraWGbE90gBamZdp1fcpIWOtVovV3Z58MgiJkag-83P4dW8QzeHBAWSPx09tZsfjbnkN3khl8VYDFVnD-7wrSWkZT6PxC0mFsNU7AUPgH8HzF2OqqwabSe4rs1010YFpyh0_CtjVSTAuo_UWfTeI4NAuOBvwpYa74_Z-Mbcpnvle4xPW5hs1Zkam7XkLDrHxzqpdIhiS59GJUKaeMwdrDpeWwxF2JCCu7BkyZ1jVN5nOt50WuTee5UUNcKMToh6MlHCCjjYRUZihgKh7O9TLs31vRWxQmEjPsJeRrfTm8aGlRD1sjl8B1__NTnyPVRZG2ZsZp7XymElJ32KYZy4fecYfSNXFzpf3eZVS67RXq3tOKrdNM5WZ5M_4j4StjUrFDpOb24446AOKd00YBxMEbpTSmbJ48CNpL3Kg4iQhg6eEMb1dQAPfW44yjL2-VCCtBSeWt6rWHjbh8zq0ZNTx9DZip7AzGIjx2n9XQecL0Sisjj0tezN9VHXWeFudcpu1L9qed4r7i0zjzNPAmeM14inW58TksKkfmaF0e3GWvL4dnEixXf9_vnEDdxyV5dX97B6Vv87EA8jMhK_6YKRDJmB_2mBepE3ccOIlPqjzJ4H-t6EpRXx9WIWG9BlMtECk1p5MFuIAlBW3dlf0fxWVHbeC98sksz5oU270TvqyB8FCSPqORPX-HwJ_2VE3xs5o3w22e6lb1ccVfACkA-Sg2q2QjDiSUO-BG4NQ5r2euarMrBX2-r6kUDrk1Ty7vDOb1xt2CBlWb-zfUwodFyK6qDwFe3yg7biRptNZfNhKe-ICZRWks6bdWuTgBYcUoX3U20f9XVMllwYug6GyeET3rl_dBw_P6iX4Y7gaE_2KlhgncEgP3xVEIOyq67InQ9Q9XTvhdeU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.guis.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: e491b777ab856da7a4abef7ab2b47c7c
.guis.com.br/	1970-01-21 01:43:38	Name: _ga Value: GA1.1.765926421.1699658569
.bing.com/	1970-01-21 01:29:14	Name: MUID Value: 2C75A64BD2DD6CE030E4B58ED3B66D9F
.guis.com.br/	1970-01-21 01:29:14	Name: __gads Value: ID=e025507a8d1aa67b:T=1699658569:RT=1699658569:S=ALNI_MZAqwM4k4JJ1B3vX0tnmTcRvaIfcw
.guis.com.br/	1970-01-21 01:29:14	Name: __gpi Value: UID=00000cbfa2b5389e:T=1699658569:RT=1699658569:S=ALNI_Ma9VAt9uXW0OJIe0GcHAoUBC6Gm8g
.doubleclick.net/	1970-01-21 01:29:14	Name: IDE Value: AHWqTUknz0Zo6otU_1bkPnF5nhIxWIcS7qOhInFDKnEvgR93cAUdxvFs1cd44jP--s4
.guis.com.br/	1970-01-21 01:43:38	Name: _ga_NV918RNLT7 Value: GS1.1.1699658568.1.0.1699658570.58.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs-simple.com
ads.eu.criteo.com
adsdk.microsoft.com
ams3-ib.adnxs.com
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
i.clean.gg
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.analytics.google.com
rtb.nl3.eu.criteo.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.bing.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.guis.com.br
151.101.1.108
162.214.98.9
178.250.1.6
185.89.210.46
2001:4860:4802:32::36
23.35.236.188
2606:4700::6811:180e
2620:1ec:46::67
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c0d::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:3500:1b::1724:a392
34.95.69.49
05b5d43e8c7ba55987ebe7ef71c48d36843c73467904fcbf362ef6d9cd2d1e7d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c1eecef7ce93d9ca74ce8540fd283c6caf97239caec088c623039451f2f6944
14a1d9d751c0c899ca5910e555cf031cbb96a57375d1f257856fa8548eec2c37
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c574921af9f803a2337286a892c0407ca6b05db96e00aeee9cce37499f070c4
1e93a8bd5d01da9dfaaf4019c584d3d240d771087b9c577df00bf0407aaf90bf
1ee91a23adabd14c94f35e775085f9351d4e0813aee890515c139aff89792d2f
22ab99da165941e8242bdf94397ce2df4047745f02c8680a23805f9c22c48d2a
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328bb96999971ad6cf3fc46e8dcbbcf7acc33ebadda0995a28ec60de4acca7a4
3a24e394683f3acb57a46eb75d2c5d471713e5d5ff39d3ddab789092e78a3c62
406cb9d8b78a968f2df0ee2709c42c3fe3baf4a0394e9f37c4ca0ad2ef5cb21c
462866e725d0b50eb80081a8f5c44c05434d0518deff0abb53787cb46676aefb
4768ee069227438a58f82f7b875f9c277dbf3b2814946274326dd84bf87f5235
491cc9c8d8c7ea04f87cf74529a6158820ae8cd6a50bf10ed72b56fa4b87ff28
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59d8b805b12d336d283666c0148287dfd4238f893d5ed7364ac9b542eb160853
5e4707e2ad0f6c308e836195737b969b8c7927a9a04ee2dc7c40fbcfbb3c22ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
637e013c5a73985f8d4cbb3ebacd3116ce574dad5e082ac3bd57358e4174c4c2
65c4f00a81d44d2d77ce75858082e4aba2cb937f4682f9f1a56c3c82d5ec1fa4
67d40077f9fd8abcaec0737a94fc4398135b3c6600e674e9698c73bfc4df9ba0
6c5bb3cee101c4121c7090d0f412619bab361728b52557a18c6110af25ec373d
6f631ec2129dc1f88e7be27d9be44a7b02bb927ea02588119d00043eec30bd36
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7be38ea67453b90444c7bf8ce2b7d3ebebb829fbfcb469ab6a59248ad3272f7c
84e29cef33ff5cd2e45730c3b9329bd5370fe08464d52b4bb0efd1c4e4f5e4a7
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
911ea142e942c66ad04efb0035481c6201e797e24405738eff42d40940a5177d
9189b2c779e847ab5747c2a567990838435689f0abe79a0ea79c3690f3e7b062
97fa36fd66fa53b772997aaa6810a16687584e6d1be703c1126d719b3ec6e0c2
990c89d3b6bb14e36828486b361f3655e37f9694d9cb11e9dc7d91529ef09ef9
9cd3dbbe7d1b3d330643a24342913c036a6471ab3e7e0bd2dc81bfb309fe22ed
9fb0f19047d5031d84e90bcc9240b94d90e4778a85a277addc6ace25f8db51dc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8
b21e1c9b2a8b87f891b14e5a6d4290445d6436899666e1cae20de18f5bd7a473
b26967f18b1665ae4c96c385f7109ce83cf784b5b769a3f67284f44faff02f20
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb
c721cb1b48ebaaaf8eb8aa13348a8dc4ab34e091c426e4d88bbc99eb65b6fb7d
cdaf2a3d4b897bb3d1fa226fd8d5e56dfc4c304ac93fb4708bbe4d79becf0bba
cdaf8680d9eb225df5abc9b2f7cd69993248dd5d6c6a535b0b0744fb917fabcc
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28
dab1e0476b484a782846b68522092a942bfd8b7af2d7097bd47112028deb55f8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4108a52e40bdee9a946101a92eafea6d1962c8907858195c5d01b4a836e50e2
e8af212e8433e763d680f83e7df7de599b3d5f540c6f95f4d44c2b755b774a65
ec9347cc1c7d11911a940f314910638c4987b6aa99f5d2d28a3a629d662bd4b8
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f505ad6cf5f25a0944fb5587f37f4a5ee75806ad6b5e1576bb46324f7675a59e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f852588c55400547070bfda78328d09d890a73fd8ff84320e43e68f4a3f90554

www.guis.com.br Open in urlscan Pro 162.214.98.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

96 %HTTPS

74 %IPv6

15 Domains

23 Subdomains

24 IPs

4 Countries

2116 kBTransfer

4529 kBSize

7 Cookies

1 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.guis.com.br Open in urlscan Pro
162.214.98.9 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

96 %
HTTPS

74 %
IPv6

15
Domains

23
Subdomains

24
IPs

4
Countries

2116 kB
Transfer

4529 kB
Size

7
Cookies

139 HTTP transactions
5 data transactions