urlscan.io logo urlscan.io
SecurityTrails logo

www.baixaki.com.br Open in urlscan Pro
179.191.182.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.baixaki.com.br/
Submission: On October 19 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 10 countries across 61 domains to perform 518 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on May 26th 2023. Valid for: 6 months.
This is the only time www.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
90 179.191.182.65 52580 (Azion Tec...)
27 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2620:1ec:46::60 8075 (MICROSOFT...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
65 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 104.211.35.148 8075 (MICROSOFT...)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 13.95.152.229 8075 (MICROSOFT...)
7 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.105 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 52.86.91.163 14618 (AMAZON-AES)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
38 2a00:1450:400... 15169 (GOOGLE)
16 22 172.217.18.2 15169 (GOOGLE)
3 7 104.18.26.193 13335 (CLOUDFLAR...)
3 5 37.252.172.123 29990 (ASN-APPNEX)
8 35.244.159.8 15169 (GOOGLE)
8 2.19.104.4 16625 (AKAMAI-AS)
2 3.71.149.231 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 3.33.220.150 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 35.214.207.113 15169 (GOOGLE)
18 176.9.26.250 24940 (HETZNER-AS)
2 216.58.206.34 15169 (GOOGLE)
1 4 138.201.63.150 24940 (HETZNER-AS)
1 3 46.4.10.49 24940 (HETZNER-AS)
1 3 78.46.23.46 24940 (HETZNER-AS)
1 2 138.201.135.164 24940 (HETZNER-AS)
2 138.201.63.116 24940 (HETZNER-AS)
2 138.201.64.38 24940 (HETZNER-AS)
5 10 2a01:4f8:d0a:... 24940 (HETZNER-AS)
5 167.233.14.134 24940 (HETZNER-AS)
5 2a0b:4d07:101::1 44239 (PROINITY ...)
6 145.239.193.130 16276 (OVH)
5 3.9.163.207 16509 (AMAZON-02)
6 104.64.118.247 16625 (AKAMAI-AS)
1 1 94.23.99.218 16276 (OVH)
1 3.124.138.165 ()
1 2a02:fa8:8806... ()
1 34.96.105.8 ()
1 35.186.253.211 ()
3 18.195.155.219 ()
518 57
90    179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)
www.baixaki.com.br
bk.ibxk.com.br
tm.ibxk.com.br
www.tecmundo.com.br
27    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:20::681a:e8 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.goadopt.io
disclaimer-api.goadopt.io
3    2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
osp-assets.pn.vg
16    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
7    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
65    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
y.clarity.ms
17    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
1    13.95.152.229 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.smrk.io
7    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:2057:b600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.86.91.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-91-163.compute-1.amazonaws.com
ping.chartbeat.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
38    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
22    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
cm.g.doubleclick.net
7    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
8    2.19.104.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com
sync.teads.tv
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3601:96fd:90c6:753f:380d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.214.207.113 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 113.207.214.35.bc.googleusercontent.com
csync.loopme.me
18    176.9.26.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal9000.redintelligence.net
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
googleads4.g.doubleclick.net
4    138.201.63.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
3    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal90001.redintelligence.net
3    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal900023.redintelligence.net
2    138.201.135.164 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
2    138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
2    138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de
hal900011.redintelligence.net
10    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
5    167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
5    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
6    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
5    3.9.163.207 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
track.webgains.com
6    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    3.124.138.165 (None, )

ASN- ()
t23.intelliad.de
1    2a02:fa8:8806:21::1720 (None, )

ASN- ()
dclk-match.dotomi.com
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
1    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
3    18.195.155.219 (None, )

ASN- ()
x.bidswitch.net
Apex Domain
Subdomains		 Transfer
113 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
939 KB
51 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
581 KB
47 ibxk.com.br
bk.ibxk.com.br
tm.ibxk.com.br — Cisco Umbrella Rank: 796666
148 KB
34 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41903
hal90008.redintelligence.net — Cisco Umbrella Rank: 278786
hal90001.redintelligence.net — Cisco Umbrella Rank: 387220
hal900023.redintelligence.net — Cisco Umbrella Rank: 367785
hal900015.redintelligence.net — Cisco Umbrella Rank: 320809
hal90004.redintelligence.net — Cisco Umbrella Rank: 273642
hal900011.redintelligence.net — Cisco Umbrella Rank: 386054
hal900017.redintelligence.net Failed
439 KB
29 baixaki.com.br
www.baixaki.com.br
255 KB
27 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
907 KB
14 tecmundo.com.br
www.tecmundo.com.br — Cisco Umbrella Rank: 724240
257 KB
12 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
2 KB
10 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 164332
27 KB
9 openx.net
us-u.openx.net — Cisco Umbrella Rank: 547
rtb.openx.net
1 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
190 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
1 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
479 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 998
y.clarity.ms — Cisco Umbrella Rank: 7907
c.clarity.ms — Cisco Umbrella Rank: 1548
28 KB
7 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 51750
medialead.de — Cisco Umbrella Rank: 51384
4 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com Failed
4 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
5 KB
7 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 30155
usr.navdmp.com — Cisco Umbrella Rank: 36353
cdn.navdmp.com — Cisco Umbrella Rank: 8424
13 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18074
4 KB
6 gstatic.com
fonts.gstatic.com
101 KB
5 webgains.com
track.webgains.com — Cisco Umbrella Rank: 59583
9 KB
5 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 270642
5 KB
5 futalis.de
futalis.de — Cisco Umbrella Rank: 354180
2 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
4 KB
5 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 114284
osp-assets.pn.vg — Cisco Umbrella Rank: 204125
74 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
42 KB
3 bidswitch.net
x.bidswitch.net
436 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6147
515 B
2 goadopt.io
tag.goadopt.io — Cisco Umbrella Rank: 174706
disclaimer-api.goadopt.io — Cisco Umbrella Rank: 192525
99 KB
1 blismedia.com
tr.blismedia.com
173 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 intelliad.de
t23.intelliad.de
556 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
415 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 648
363 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
149 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
712 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
463 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 257
764 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
15 KB
1 smrk.io
p.smrk.io — Cisco Umbrella Rank: 230564
566 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
607 B
0 smaato.net Failed
s.ad.smaato.net Failed
0 w55c.net Failed
pm.w55c.net Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 adform.net Failed
c1.adform.net Failed
0 travelaudience.com Failed
ads.travelaudience.com Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 turn.com Failed
ad.turn.com Failed
0 webgains.team Failed
cdn.track.production.webgains.team Failed
0 webgains.io Failed
analytics.webgains.io Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 ctnsnet.com Failed
gcm.ctnsnet.com Failed
0 360yield.com Failed
match.360yield.com Failed
0 pubmatic.com Failed
image6.pubmatic.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
518 61
Domain Requested by
65 pagead2.googlesyndication.com www.baixaki.com.br
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
43 bk.ibxk.com.br www.baixaki.com.br
38 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
www.baixaki.com.br
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
29 www.baixaki.com.br www.baixaki.com.br
cdn.pn.vg
27 www.googletagmanager.com www.baixaki.com.br
www.googletagmanager.com
www.tecmundo.com.br
adv.office-partner.de
22 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
18 hal9000.redintelligence.net f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
hal90008.redintelligence.net
hal900023.redintelligence.net
hal90004.redintelligence.net
hal90001.redintelligence.net
hal900011.redintelligence.net
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
14 www.tecmundo.com.br www.baixaki.com.br
www.tecmundo.com.br
11 www.google.com www.baixaki.com.br
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 cdn.retailads.net 5 redirects futalis.de
8 s0.2mdn.net www.baixaki.com.br
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
s0.2mdn.net
8 sync.teads.tv googleads.g.doubleclick.net
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8 us-u.openx.net googleads.g.doubleclick.net
8 www.googletagservices.com f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
8 securepubads.g.doubleclick.net www.googletagmanager.com
securepubads.g.doubleclick.net
www.tecmundo.com.br
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 fonts.googleapis.com www.tecmundo.com.br
s0.2mdn.net
hal90008.redintelligence.net
hal900023.redintelligence.net
hal90004.redintelligence.net
hal90001.redintelligence.net
hal900011.redintelligence.net
6 www.awin1.com f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
6 pv.medialead.de hal90008.redintelligence.net
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
hal900015.redintelligence.net
hal90004.redintelligence.net
6 fonts.gstatic.com www.tecmundo.com.br
fonts.googleapis.com
6 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 track.webgains.com www.baixaki.com.br
5 adv.office-partner.de hal90008.redintelligence.net
hal900015.redintelligence.net
hal900023.redintelligence.net
hal90004.redintelligence.net
hal90001.redintelligence.net
5 futalis.de hal90008.redintelligence.net
hal900015.redintelligence.net
hal900023.redintelligence.net
hal90004.redintelligence.net
hal90001.redintelligence.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 hal90008.redintelligence.net 1 redirects f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
hal90008.redintelligence.net
4 f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 cdn.pn.vg www.googletagmanager.com
cdn.pn.vg
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 tm.ibxk.com.br www.baixaki.com.br
3 x.bidswitch.net f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
3 hal900023.redintelligence.net 1 redirects f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
hal900023.redintelligence.net
3 hal90001.redintelligence.net 1 redirects f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
hal90001.redintelligence.net
3 y.clarity.ms www.clarity.ms
3 tag.navdmp.com www.googletagmanager.com
www.baixaki.com.br
tag.navdmp.com
3 www.clarity.ms www.baixaki.com.br
www.clarity.ms
2 hal900011.redintelligence.net hal9000.redintelligence.net
hal900011.redintelligence.net
2 hal90004.redintelligence.net hal9000.redintelligence.net
hal90004.redintelligence.net
2 hal900015.redintelligence.net 1 redirects 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net www.baixaki.com.br
2 pr-bh.ybp.yahoo.com 1 redirects 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
2 ups.analytics.yahoo.com googleads.g.doubleclick.net
2 c.clarity.ms 1 redirects
2 sb.scorecardresearch.com www.tecmundo.com.br
2 cdn.navdmp.com tag.navdmp.com
2 usr.navdmp.com tag.navdmp.com
2 www.google.de www.baixaki.com.br
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
1 rtb.openx.net f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
1 tr.blismedia.com f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
1 dclk-match.dotomi.com f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
1 t23.intelliad.de 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 csync.loopme.me 1 redirects f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
1 dis.criteo.com 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
1 match.adsrvr.org 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
1 s.tribalfusion.com 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
1 c.bing.com 1 redirects
1 ping.chartbeat.net www.tecmundo.com.br
1 static.chartbeat.com www.tecmundo.com.br
1 p.smrk.io cdn.pn.vg
1 osp-assets.pn.vg cdn.pn.vg
1 disclaimer-api.goadopt.io www.baixaki.com.br
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.analytics.google.com www.googletagmanager.com
1 tag.goadopt.io www.googletagmanager.com
0 s.ad.smaato.net Failed 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 pm.w55c.net Failed 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 onetag-sys.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 c1.adform.net Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
0 ads.travelaudience.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
0 dsp.adfarm1.adition.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 eb2.3lift.com Failed 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 sync.1rx.io Failed 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 ssum-sec.casalemedia.com Failed 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 ad.turn.com Failed 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
0 cdn.track.production.webgains.team Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
track.webgains.com
0 analytics.webgains.io Failed track.webgains.com
0 ssbsync.smartadserver.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
0 gcm.ctnsnet.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
0 match.360yield.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
0 image6.pubmatic.com Failed f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
0 hal900017.redintelligence.net Failed hal9000.redintelligence.net
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
518 88
Subject Issuer Validity Valid
azion.com
GlobalSign ECC CloudSSL CA - SHA384 - G3		 2023-05-26 -
2023-12-10		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-01 -
2024-02-29		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
pn.vg
GTS CA 1P5		 2023-08-27 -
2023-11-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
smrk.io
R3		 2023-09-11 -
2023-12-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.futalis.de
R3		 2023-10-13 -
2024-01-11		 3 months crt.sh
adv.office-partner.de
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
pv.medialead.de
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 62 frames:

Primary Page: https://www.baixaki.com.br/
Frame ID: CB6B32F722DA8AD7D6A94306B9BD65CE
Requests: 138 HTTP requests in this frame

Frame: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Frame ID: 598BF3C562AAFFA77E6F9482CA220B43
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 77693692A8A2E71900579407C81D442B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1697736405&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743604670&bpp=5&bdt=3204&idt=348&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6353969840584&frm=20&pv=2&ga_vid=634115515.1697743604&ga_sid=1697743605&ga_hid=53756776&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C44759837%2C31077328%2C44795922%2C44805113%2C44805533%2C44805681%2C44805921%2C31078301&oid=2&pvsid=2381066866032716&tmod=518073552&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=375
Frame ID: 5C573215D732BF111EA801555187EC1B
Requests: 1 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9585C3A68EF6F3EBB98BAF51A4554B77
Requests: 1 HTTP requests in this frame

Frame: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 633880ACAF932831625643906B3C691F
Requests: 1 HTTP requests in this frame

Frame: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4EBAB15F276E2EE92F6D712AFEE5C968
Requests: 20 HTTP requests in this frame

Frame: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 072BDDC293768D67CE71302CD9D3D7A4
Requests: 18 HTTP requests in this frame

Frame: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1AE73BAE716FEB9B37E71D437C3CF1BD
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW8EMqpOMfHZF7dSFgnh1GBpLEEmp_53Zui7QbkOS8Q9KKm2uDAJjnIFvUTd2PoQjhnstBnXuIf9sni2Nyqz7f-YBySMtQ_YgAPnsWjnJFoPLhPP7JcLjwU7l3OEW_9Kh5AXA5dWkibmxDV3bXtEcmu-PHid-zdUHa_1dF4OjrjpAj3RTQ
Frame ID: 9742EF2D4630A92A5AEAC73E6C421AB9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXKtQLh5Nnztj5J46W5tfGzpkmIHnQZMH23N_YhI_RUtLJarr86A8ZJAosHzWxkckrEaqtpFb1-duKPSiy7Q3s05Xb2vFBa0xxMToJdoXeuppQb9HfBEMPNmsKYN4I9PEh4t7PcTxIz03YXqaOmPqVeZo4at8--kquhle7agezc7hc0bB8
Frame ID: 61758B052C2E5B3B84665CAA087F41EE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXSq01MQi6gypPNYK-FE6OA2nobZTtl_z9L2YlJPNaSHh0YmEfhAfEaCGQeYr1A3paMbV9zpmkKYiAa7b-JKHC79Z2NGcGw3SA1wWCdIRqRRVa0hjj2aIc08luggTOncwGye_T-ppBjN8vNWqcBxfRLhC-xo040EAuSj9GBSVPCyCrzT_k
Frame ID: 1751DF39716277013AB7F606BEF9A57B
Requests: 4 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98B9513D002B76B1CABE156AD48498AF
Requests: 14 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BB113FEABBD703C763609C98FBF24DB
Requests: 20 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 913206494CABF5EC6884655F4A881771
Requests: 19 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6C3BFA42F3AA8EA70BF7FD2D326133E2
Requests: 18 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8338F956D21FC518E786E5CA24A35CC3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYv7ig5QEwAQ&v=APEucNXh0ah6GO63SrAx7bNHQYGlNtiziFY9ZiZG2xQvsh796QN3tZvQdnt2LbWD-5JAExtpS_h86yd5M3VTKJb3E-L8x2Zn0_WWl9tYRzw5o6y9wJPVF2uiCGPkyWvoKd4tjN-hZ-yzHKOkMsKVSPz2TLQWQKYkk95UeIfW5spVsf1nPKN7Blo
Frame ID: 10A93E6F277AE2A0F776879683E2AA33
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 484A8A28CB82961B018F15CC6E12C8D9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 628E6B2079A71BE3DD7C772FF9846DC4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC4C4CF4B518D40C513EE0FB88327733
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDCE7DD3069CF954BD2D68CAA96E8A93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 057AEB36AE79AC4067846735CE088FBF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUlvzEC6m9rKtCWbP_1laQxNE5Wtxe5rBQPhEIRhs9KY4z0NFNKi8V3ByjKn_EcsIznaSuxw16tR95lbzUOVBBoe8CBYOsc85lQ-AKJJ8k-Esdjor_1FckqMmgHuREzWCtgKqvMe8tEWxYSSL18-xqtK-nrgTbROVGbEtAW8-L9g1Fh9ms
Frame ID: E4F98DDFFAF79A27239BBA205E312DE7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUUQI0gNt5Q0cO1rmKMq8uw6aGfveMx8TZtesvggdZefR7p8IG34VrdsminXB37Qc3Uvu5XdIXCXtJjNX5SdhjPeK6jkZTssrZCRW2f9fZ6ayE7kyh756GveDWsgTtpRJeAmF3uHckF_A1dqyA0YnOT5yQrWNmxns25eY5hAND8x3-gxiU
Frame ID: 93F893F043B28B6B4A209DE801F4DB0D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXjQvkVOdiNDni7XYPGNCofYhIJLz-cizFs6b-QevhqPiifLiPPnfCVdpqD9me3LyPuIuTZGyCptQrB4krIFdWNfejsZMbty2ZayDsybhHtjg5liqqztjQ17B4pO5rLb5dgDThDeR--hu82aVpMDyLm2zYbLFtL5deAa64NmNRcentXkyg
Frame ID: 148E858F9700DB2F2647309D85E9F96A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXZXa54ZKmmeavqBq5Vz6LHZaFRGS9jbhqbjyTH-oJgkarHUVdquqX7eQqQbaZg6cFq3l6frCwGs5qjRFG5kii5T1ZnN02wdlaHRANXKwtpQjlduX9YG-dsMbOOxeiCHRmBEqQckLZLx7fxO93fYmCfh80ATLsoSlcucBvNFcAri58h6g0
Frame ID: 4668A17613DE3074C3F676290CCE5CAF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4C9A0401C62398086B44ADF7CF5F22F6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
Frame ID: C708B0FA0C04961C3CAA12742D02B5F2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CAFC971DAC0E824C8C92F4BD2ADFB923
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F9DF8236434241D65BABC67BFE8506E2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B3D37BE3D46DF50EDCE5FDD63CB0B6CC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E7986C6CE5CE724F70211F06A3E9F9C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4F0E63E68008294DDDD2DD622D2556FD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EFAC5345A77F74156A3482BD1FEF7A9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 619D4B61D9F990E4196C902D41AD444B
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468722
Frame ID: 89C31940C816A540614D502F4683709B
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A815538FFA1D83F6467A8FB7E9866389
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A8D22813EB2DEF028EE7CE8F98E6138E
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Frame ID: B7FC1807FB9D6799F191ABB17D9CCAE2
Requests: 9 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468720
Frame ID: 3909417ED2A19683BFA83E94674EB622
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A492C26991DB19E9A05CC2FBC9B18F74
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=46628900145680404445002012482015&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 590D63D3F04D2DCC1B84706D05C13EFC
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468727
Frame ID: 5C77F7A7A79135C701A7E39046E1501C
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: A3F72DBBE0C9BB7DE0FE2682A2B563B5
Requests: 3 HTTP requests in this frame

Frame: https://hal900023.redintelligence.net/request_content.php?s=10432800151966504444556012482023&a=187574bf
Frame ID: 6F6D1BD6D92B373F77E3C38C2B8E5DB2
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37B606A56C9D9B294734917917766123
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75E6911827ADCD9BB51BB83E04250605
Requests: 9 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468734
Frame ID: 443647F1C8FEF62AD533266FEF33CB92
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C78E6B8805B770C2594F4EFD66C75E4E
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=46885000141710304444978012482004&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: E5B05338597D1E348DBD8156F95A57AA
Requests: 1 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=46885000141710304444978012482004&a=247d5787
Frame ID: 296C54E9245A65459003DB0BACD2FEA7
Requests: 8 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468737
Frame ID: 295BE83308A5FEFBE36B011799444BC3
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 60E2833F2FAF9D9876F45E2BAC978B0E
Requests: 3 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=50100700129201004444556012482001&a=81e23d14
Frame ID: 3173DD0D2A7878722CA1B0F038E682A8
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D003BC1FDE0CF7890A9573D3188B6EB
Requests: 9 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=66928400169557904444990012482011&a=00b3c423
Frame ID: E956D4D829473D091591FB1E0593085B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 245F5DDD3C8B80ECC6DFD24248C63026
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0FC4B3FF15D73894034D75BC1FE0634
Requests: 9 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=46628900145680404445002012482015&a=6a83369c
Frame ID: B335AAF12095261431CCAE90C41F3804
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 046DBB827A2B5341F3B2BC4EBFBCC570
Requests: 1 HTTP requests in this frame

Frame: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDDF7EDD8D2E66754F0E12745FA8250C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Baixaki - Milhares de apps e jogos para você

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

518
Requests

79 %
HTTPS

45 %
IPv6

61
Domains

88
Subdomains

57
IPs

10
Countries

4624 kB
Transfer

12055 kB
Size

41
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 168
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F4B50DE7DCD34672BE4EF761B34A3C45&RedC=c.clarity.ms&MXFR=30B65B7359A8685E24AA48DC5DA86621 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F4B50DE7DCD34672BE4EF761B34A3C45&MUID=08762F8EA1796FC82E303C21A0D56EA0
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNqq1BtZAyCnH8ASVc7rFU&google_cver=1
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGC9.tbuxAadueQhNxrYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELoqO0FxvZ5lQlpzXhmw77c&google_cver=1
Request Chain 205
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwpcJDpQP4Ul8CUfsQhcuY&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMmO-RnbZzSXNeRglIcWHEA&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEEciOFCMs6abQKY7hTUh0Q&google_cver=1
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1
Request Chain 272
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGC9.tbuxAadueQhNxrYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELstxdsaV-Hyfr4Uhs1lgf8&google_cver=1
Request Chain 274
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
Request Chain 282
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGo4LroMJnfLHa7Mlfmklbs&google_cver=1&google_push=AXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGo4LroMJnfLHa7Mlfmklbs&google_cver=1&google_push=AXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 283
  • https://um.simpli.fi/gp_match?google_gid=CAESEBWaQ9T1PvwrOgQjySEj1Pc&google_cver=1&google_push=AXcoOmTm1BiwH05XRttXRHMCvhCBPk1p77kU5guF-U8hTG6MmhqGSHWAtzNvubrdZ5h17GV3HS26UmxIEkzbyJVkhyRJ0VBSBB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1846C4AB97E04A07B56B848F7E514A07&google_push=AXcoOmTm1BiwH05XRttXRHMCvhCBPk1p77kU5guF-U8hTG6MmhqGSHWAtzNvubrdZ5h17GV3HS26UmxIEkzbyJVkhyRJ0VBSBB8
Request Chain 285
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4-HrFmHkqWYobEPkCj0_I&google_cver=1&google_push=AXcoOmSxaxmSU2Wo0GFweQ8SjD0mgBfEFDxQfjqOSasya475M4Ogtp93s9DJBGXsUxQoipbxlSYr-npYyWvXwsY2SCZRS4oAsG0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSxaxmSU2Wo0GFweQ8SjD0mgBfEFDxQfjqOSasya475M4Ogtp93s9DJBGXsUxQoipbxlSYr-npYyWvXwsY2SCZRS4oAsG0&google_hm=eS1uUmxDSDR4RTJwR1lFa2JSa2liU0NBTERObjNmeUNOaH5B HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
Request Chain 287
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEIgWxFo2ffUWgk2gwYtCAv4&google_cver=1&google_push=AXcoOmQEdbNjZSOkw6Bs1GIoFL0vBEwzJbwf8UYohQ1-_srWN6oXgw5IXRXvIqAkd5v4445KqIMpjJbkYIk6GqbsT7JZHznUkwPg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=e2beeff2-ab74-4168-ba4a-a671e2740fb7&google_cver=1&google_gid=CAESEIgWxFo2ffUWgk2gwYtCAv4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQEdbNjZSOkw6Bs1GIoFL0vBEwzJbwf8UYohQ1-_srWN6oXgw5IXRXvIqAkd5v4445KqIMpjJbkYIk6GqbsT7JZHznUkwPg&gdpr=${GDPR} HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpbcS6UZ2WsNlUXcFb6Pjw&google_cver=1
Request Chain 337
  • https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 346
  • https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 347
  • https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 349
  • https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 371
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=80314200133353104444990012482008&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468722
Request Chain 377
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 378
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=46628900145680404445002012482015&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468720
Request Chain 384
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=10432800151966504444556012482023&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468727
Request Chain 392
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=46885000141710304444978012482004&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468734
Request Chain 397
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=50100700129201004444556012482001&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468737
Request Chain 444
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAv3dQD_-1I3p_qxU4WEnjY&google_cver=1&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4c8zZM7hGDGlC7DuJfuDSDxN_Vdxf0zI-QgmgVnTpBA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4c8zZM7hGDGlC7DuJfuDSDxN_Vdxf0zI-QgmgVnTpBA&google_gid=CAESEAv3dQD_-1I3p_qxU4WEnjY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTM3ODEyMzQyNDQ2MjA1ODQwOQ%3D%3D&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4c8zZM7hGDGlC7DuJfuDSDxN_Vdxf0zI-QgmgVnTpBA
Request Chain 456
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK_-ei2oqMDLXzeKeG8MnKQ&google_cver=1&google_push=AXcoOmQWYWyk7N7cfvxJ888mOVCIlqstczGlJYOp7Su6i2AGkfZ34TciOxE0nWn399MXVtzvOzuRRmfcvKXNzYGFnwOpM2K-7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWYWyk7N7cfvxJ888mOVCIlqstczGlJYOp7Su6i2AGkfZ34TciOxE0nWn399MXVtzvOzuRRmfcvKXNzYGFnwOpM2K-7w&google_hm=kkdfKFf0NjrV1DoiwgnQeQ
Request Chain 460
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELWPMkS3ifocwsOjapUlHPo&google_cver=1&google_push=AXcoOmRVCKvU3NpEogq5x4L7W3f7nhnA55AKdylxffRmwE5sd8LJY-m5otqgIGkCm9-BkkqEKTsgkJZXgzdAkpnGpOQQBkGSc3Wx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx&google_gid=CAESELWPMkS3ifocwsOjapUlHPo&google_cver=1&google_push=AXcoOmRVCKvU3NpEogq5x4L7W3f7nhnA55AKdylxffRmwE5sd8LJY-m5otqgIGkCm9-BkkqEKTsgkJZXgzdAkpnGpOQQBkGSc3Wx

518 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.baixaki.com.br/ 		177 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/ Next.js
Resource Hash
6f3fc80f9deadc1316f040afc46f06e1798b74bd3f80d0e414dad2effa8a2311
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 19:26:41 GMT
expires
Thu, 19 Oct 2023 19:31:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
version
3.0.4
x-nextjs-cache
STALE
x-powered-by
Next.js
7ac675a29d40a4de.css
www.baixaki.com.br/_next/static/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/css/7ac675a29d40a4de.css
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
1949afdbec8fa5d3e353ee732b20f8555c5002fc1e543b80da3ef0b02264e5ca
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:41 GMT
2c2dfa59234d7097.css
www.baixaki.com.br/_next/static/css/ 		1 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/css/2c2dfa59234d7097.css
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:41 GMT
4116.6e86c4317c6fa479.js
www.baixaki.com.br/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/4116.6e86c4317c6fa479.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
e80bcab0fa0113993923833fc0920eb93c1e54a6b1c950a3f2b85263203f6b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 29 Sep 2023 14:57:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:41 GMT
5360.46cef869b9db9fb5.js
www.baixaki.com.br/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/5360.46cef869b9db9fb5.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
47fb50f0855c84eb77cfab1ae2017233f412d4aac8014aada761402737843375
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 05 Oct 2023 18:57:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:41 GMT
6066.7ecb23e811ddcb36.js
www.baixaki.com.br/_next/static/chunks/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/6066.7ecb23e811ddcb36.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
71211473bd0944f642c4247d2b8591281f02389d2ee01136e96f082a101dfce5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 29 Sep 2023 14:57:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
5192.3a8588d4a723cf8c.js
www.baixaki.com.br/_next/static/chunks/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/5192.3a8588d4a723cf8c.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
82dc71c40b210bd3bc017971c0c36a58e387657d30d738812956275d604ce8bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 09 Oct 2023 18:14:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
5259.94f9a540268753fa.js
www.baixaki.com.br/_next/static/chunks/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/5259.94f9a540268753fa.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
56bf1996fdbb44c42658312540c3caf0d903021794e56ba3a25a2a0e9f077a50
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 05 Oct 2023 18:57:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
6165.557e8166effd2d29.js
www.baixaki.com.br/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/6165.557e8166effd2d29.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
d9486ba165a7c79bac8eb0b2f0b4a6d52227ede424f3ad6a7d001bc0f3addea2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
1733.f561ad338f887001.js
www.baixaki.com.br/_next/static/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/1733.f561ad338f887001.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
eabd3e9e62dea0c3e2c7540f976cdf699a5ceb9e1592d41d29288666b804edde
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
4321.a85b233abcd80b48.js
www.baixaki.com.br/_next/static/chunks/ 		977 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/4321.a85b233abcd80b48.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
5e1f9788804e56603b28fd1c5f6d7921742d055c9d6410e70cc968ae26869b5c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
8057.3606d5d84ec08bc9.js
www.baixaki.com.br/_next/static/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/8057.3606d5d84ec08bc9.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
8f0c96a4c982077c13466c7888b87c23c42aecea9412cf71cba478c67d340e23
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
7977.48481e262407791c.js
www.baixaki.com.br/_next/static/chunks/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/7977.48481e262407791c.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 05 Oct 2023 18:57:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
7210.904d32ffbc162181.js
www.baixaki.com.br/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/7210.904d32ffbc162181.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
7de7e75a7848ff8222363af83c77681e09c3b2573e3c730778d47f154cfbf155
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 05 Oct 2023 18:57:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
webpack-a6fe1efe4959b0fa.js
www.baixaki.com.br/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/webpack-a6fe1efe4959b0fa.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
28ce9d9e7f46767fe1e863a966fc63a23f858d8e1e8ccc73643886f85ef3f124
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:42 GMT
main-9a1d5972fa372b2a.js
www.baixaki.com.br/_next/static/chunks/ 		130 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/main-9a1d5972fa372b2a.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
24704913e0f4ba9f37f4af868d511e0ca5cea751f6d0858b92e4193dd14999c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
_app-bb8f857de0ea4b02.js
www.baixaki.com.br/_next/static/chunks/pages/ 		236 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/pages/_app-bb8f857de0ea4b02.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
4873f8d4029eaa6252dc89cfb33397204d469176db5c7c13683244d3c6029164
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 18 Oct 2023 16:42:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
7899-8ff7a6b4611fdbc1.js
www.baixaki.com.br/_next/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/7899-8ff7a6b4611fdbc1.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
1664-fcc2a81595535b73.js
www.baixaki.com.br/_next/static/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/1664-fcc2a81595535b73.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
d27befe4599dc1d45a66d9cb6425315698eec0f7d9e43eb7803c3c5f4012e31d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
index-2a9efd0ca35e5305.js
www.baixaki.com.br/_next/static/chunks/pages/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/pages/index-2a9efd0ca35e5305.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
5f3b1de68a7354fa5ece6f8690f51154a5b0db63713acca6553543a15e933547
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 10 Oct 2023 18:23:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
_buildManifest.js
www.baixaki.com.br/_next/static/JhD5OpQ79jSCqLQU8pCTJ/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/JhD5OpQ79jSCqLQU8pCTJ/_buildManifest.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
c054225572322b7c53367a9abf1138ec393b4d4bf1462ebaefb2be14d5e65acc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 18 Oct 2023 16:42:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
_ssgManifest.js
www.baixaki.com.br/_next/static/JhD5OpQ79jSCqLQU8pCTJ/ 		374 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/JhD5OpQ79jSCqLQU8pCTJ/_ssgManifest.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 16:43:59 GMT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
parental-ranting-L.svg
www.baixaki.com.br/next-img/ 		657 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baixaki.com.br/next-img/parental-ranting-L.svg?ims=fit-in/16x16
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
386526af3be13a93eefef55ac9de45e5b789e26121580fadb6d22376d348f0be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 16:36:40 GMT
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=300
expires
Thu, 19 Oct 2023 19:31:43 GMT
17180102227005.png
bk.ibxk.com.br/2023/02/17/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/02/17/17180102227005.png?ims=fit-in/76x64
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
690
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1266
expires
Tue, 12 Sep 2023 11:34:22 GMT
17180102242009.png
bk.ibxk.com.br/2023/02/17/ 		962 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/02/17/17180102242009.png?ims=fit-in/76x64
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
760
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
962
expires
Wed, 06 Sep 2023 19:42:32 GMT
17180102242008.png
bk.ibxk.com.br/2023/02/17/ 		784 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/02/17/17180102242008.png?ims=fit-in/76x64
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
777
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
784
expires
Wed, 06 Sep 2023 19:50:38 GMT
17180102227007.png
bk.ibxk.com.br/2023/02/17/ 		908 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/02/17/17180102227007.png?ims=fit-in/76x64
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
665
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
908
expires
Tue, 12 Sep 2023 11:34:23 GMT
logo-nzn_footer.svg
www.baixaki.com.br/next-img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baixaki.com.br/next-img/logo-nzn_footer.svg?ims=fit-in/120x30
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
9e2e12ff8674a41e0fa4d9ab2b50ea160c0c82a981847b2584a18c6be9c0387d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 18 Oct 2023 16:36:40 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=300
expires
Thu, 19 Oct 2023 19:31:43 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
14194056736000.png
tm.ibxk.com.br/2023/06/14/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tm.ibxk.com.br/2023/06/14/14194056736000.png?id=sprite-tm
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/css/7ac675a29d40a4de.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
0.0.3
date
Thu, 19 Oct 2023 19:26:43 GMT
x-original-image-size
8534
x-ims
Enabled
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
content-length
13130
expires
Fri, 18 Oct 2024 19:26:43 GMT
truncated
/ 		153 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		285 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		285 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaadcba60ae494e13ec2e8abc57dca8e614e86943782044fb387b7f91d9c3cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
07175154326015.jpg
bk.ibxk.com.br/2023/08/07/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/07/07175154326015.jpg?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
0d199267e69e6bfa9bdbeb33ceadd2e54f323160457e09c7b0ccadc02645da59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
12736
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1398
expires
Wed, 06 Sep 2023 12:03:22 GMT
24134647326055.png
bk.ibxk.com.br/2023/08/24/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/24/24134647326055.png?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
481ac16a35740a6159c1b357029f5eada79ae03070c87d2fc232c4103612e525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
15326
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
2650
expires
Tue, 12 Sep 2023 22:47:57 GMT
30134149355003.png
bk.ibxk.com.br/2023/08/30/ 		872 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/30/30134149355003.png?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
60af737c59104af32ed30ce00483c81beaa95b9488f886d09994b2d88e22f760

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
11520
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
872
expires
Tue, 12 Sep 2023 22:47:57 GMT
24162007668152.jpg
bk.ibxk.com.br/2023/08/24/ 		730 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/24/24162007668152.jpg?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
4d23f3bae0ca00448172087bf2190cb832b476b82e741c5dd97a27c6374a4514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
3414
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
730
expires
Tue, 12 Sep 2023 22:47:37 GMT
15181617589156.jpg
bk.ibxk.com.br/2019/02/15/ 		664 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2019/02/15/15181617589156.jpg?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
443e354b86f086967e160ed266eff20cea7a1e0dce02fb789c48695a8c5da6e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
34869
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
664
expires
Fri, 20 Oct 2023 14:50:28 GMT
15134917932005.png
bk.ibxk.com.br/2023/08/15/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/15/15134917932005.png?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
fc5e24bfc2b1d0ea7cf9983b92367e7b56354e70d1dd34f351aecc700d695e38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
42019
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1588
expires
Wed, 06 Sep 2023 12:03:22 GMT
25124848394039.jpg
bk.ibxk.com.br/2023/08/25/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/25/25124848394039.jpg?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
5762e9f7ab619527bfe1810c1c5789913e5f64b7c800bb317dbc5ac08eadd40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
12899
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1086
expires
Tue, 12 Sep 2023 22:47:37 GMT
14195310960036.png
bk.ibxk.com.br/2023/08/14/ 		748 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/14/14195310960036.png?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
20dc2a6a39f55cfab55e8a9b3fee0cc77748ee2ddea57d7ff99bbc8c0ac84a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
13842
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
748
expires
Wed, 06 Sep 2023 12:03:22 GMT
13095542946006.jpg
bk.ibxk.com.br/2018/09/13/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2018/09/13/13095542946006.jpg?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3038c3fbf860a0c460ee0ad00e3f7f85c16403322972e5d8107ca72ff4607659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
24690
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
2012
expires
Fri, 20 Oct 2023 14:50:29 GMT
23181317222107.jpg
bk.ibxk.com.br/2023/08/23/ 		598 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/23/23181317222107.jpg?ims=50x50
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
926ec479173908c870a4038280c3a892df8c3470e3ba7e15d82a82c8003dc8e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
19998
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
598
expires
Fri, 20 Oct 2023 14:50:28 GMT
06150025351006.png
bk.ibxk.com.br/2023/09/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/06/06150025351006.png?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
7505d7e03d267b06f1f1ce1ab2aa2eeb168acbd9994049a24b42d2016e4c2751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
10328
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
3052
expires
Thu, 07 Sep 2023 18:01:38 GMT
24162007668152.jpg
bk.ibxk.com.br/2023/08/24/ 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/24/24162007668152.jpg?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
9dbad73a13cd0f34233e0d0c731bd075bcc8a66dffb65769abd17a309977b4c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
3414
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
994
expires
Wed, 06 Sep 2023 18:26:40 GMT
15181617589156.jpg
bk.ibxk.com.br/2019/02/15/ 		958 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2019/02/15/15181617589156.jpg?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ef69eca203e040c5282878fa6a9641e5244da268537cb4a90b74c62ce716ee1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
34869
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
958
expires
Wed, 06 Sep 2023 18:26:40 GMT
31154355784115.png
bk.ibxk.com.br/2023/08/31/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/31/31154355784115.png?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
443546b93e8143c9c77865a9d96fc92e48c36b60ac2f0ed43d380500146a15fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
43121
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1148
expires
Wed, 06 Sep 2023 18:33:59 GMT
25124318749164.jpg
bk.ibxk.com.br/2014/02/25/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2014/02/25/25124318749164.jpg?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
1b4ab8263744686e9216e11aa5806f58c663f897c2664f81b8ece30ff9b02fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
13027
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1278
expires
Wed, 11 Oct 2023 12:57:39 GMT
24101828553011.png
bk.ibxk.com.br/2023/08/24/ 		592 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/24/24101828553011.png?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
5504382459f6ba7ed50a72936ea40ea4168323251c8315e633ec6dd1bbecb950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
6955
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
592
expires
Wed, 11 Oct 2023 12:57:39 GMT
18133808956021.jpg
bk.ibxk.com.br/2023/08/18/ 		902 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/18/18133808956021.jpg?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c9cc59f1a54a6a15d83f64d4e84da2750cd868e7a37b1f2bcea7947d90b1e22a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
42736
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
902
expires
Wed, 11 Oct 2023 12:57:39 GMT
10101056802001.png
bk.ibxk.com.br/2023/10/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/10/10101056802001.png?ims=75x75
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
483029fbbed00780659263fea22a08ff4b65193d2679fdf509c96aac743a3c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
6557
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1782
expires
Wed, 11 Oct 2023 13:46:26 GMT
06135829619067.png
bk.ibxk.com.br/2023/10/06/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/06/06135829619067.png?ims=60x60
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
6cef71fac411461a7c57be6280c7e5c8fe2b3df47d9e5c1a1d6603c381f43df3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
4903
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
930
expires
Sat, 07 Oct 2023 17:28:07 GMT
06112257783029.png
bk.ibxk.com.br/2023/10/06/ 		998 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/06/06112257783029.png?ims=60x60
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c432d60812a6b760564df4b46b98cfb666c24f0f61c449f19bfd02a49eed3307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
10273
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
998
expires
Sat, 07 Oct 2023 16:39:07 GMT
29180820077032.png
bk.ibxk.com.br/2023/09/29/ 		600 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/29/29180820077032.png?ims=60x60
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
0554bec4e20a358eb902829715a46987e3590ba6c818b49364c2bb067670d4fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
20198
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
600
expires
Sat, 30 Sep 2023 21:49:51 GMT
29172650341010.png
bk.ibxk.com.br/2023/09/29/ 		404 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/29/29172650341010.png?ims=60x60
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
00bcc5572834607086d56f2b9a46becd2d2680cd026e676d061fea95863522cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
951
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
404
expires
Sat, 30 Sep 2023 20:43:32 GMT
29160620188002.png
bk.ibxk.com.br/2023/09/29/ 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/29/29160620188002.png?ims=60x60
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
d6202bab7af5f082cce152cfba8759e95e4aefa056e174351d40b8013e459fe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
4835
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
918
expires
Sat, 30 Sep 2023 19:23:42 GMT
25195742885022.png
bk.ibxk.com.br/2023/09/25/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/25/25195742885022.png?ims=60x60
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
af2d6756e3ee842cf3c54d437d10e997d561e60255f0cbcaa3a70e03580ecd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
4159
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1212
expires
Wed, 27 Sep 2023 20:20:28 GMT
21142524737006.png
bk.ibxk.com.br/2023/09/21/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/21/21142524737006.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
612e1798abdd89f6ebd02453e5f80f5bcee4583b21214c5f56470cc2a1fdabb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
34739
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
3330
expires
Tue, 26 Sep 2023 18:20:16 GMT
20185202749022.png
bk.ibxk.com.br/2023/09/20/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/20/20185202749022.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
d03bf52989264bbd0fa6fb8e5a5a77278c8ab1364ae575509a233e56c32e29f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
13928
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1800
expires
Thu, 21 Sep 2023 21:52:04 GMT
05093540221001.png
bk.ibxk.com.br/2023/09/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/05/05093540221001.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ce0cab8045845ffbf253a8ad09c2957f114e082a60234b6848dbc9d7d08c9d2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
73495
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
5898
expires
Wed, 06 Sep 2023 12:35:43 GMT
28172553025105.png
bk.ibxk.com.br/2023/08/28/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/08/28/28172553025105.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
0602336e0a9d0caf9876031607786b5ebf33f3031722078fef6129a6110423e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
66045
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
7424
expires
Sat, 02 Sep 2023 12:48:58 GMT
18173111701002.png
bk.ibxk.com.br/2023/10/18/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/18/18173111701002.png?ims=80x80
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3931b27e9b2d93718c7913fb9d22163fe91d10b9ca157d764c2be739d6bf4e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
29281
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
4504
expires
Thu, 19 Oct 2023 20:52:03 GMT
06103903264000.png
bk.ibxk.com.br/2023/10/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/06/06103903264000.png?ims=80x80
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
2ae4f0984ee2b7ff1f2bd88655a2683a75da5b3d46628a161d98dde53444041a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
4077
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
3264
expires
Sat, 07 Oct 2023 13:52:04 GMT
05171251625006.png
bk.ibxk.com.br/2023/10/05/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/05/05171251625006.png?ims=80x80
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
1b4cd07aa9e6843e1de76b9e78f00e5b25617b718b3a271814b86b57d967dfec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
21527
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1376
expires
Fri, 06 Oct 2023 21:07:47 GMT
04165906851003.png
bk.ibxk.com.br/2023/10/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/04/04165906851003.png?ims=80x80
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
7803924df02278100adb0a24a4913112cf71d74d023fd6379dd958124993537a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
33872
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
3044
expires
Thu, 05 Oct 2023 20:31:53 GMT
03175644650064.png
bk.ibxk.com.br/2023/10/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/03/03175644650064.png?ims=80x80
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
ae825083480f63e9970c2ec78412906bcdce950a2c976a4b171b3ce530e0ecf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
40871
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
3084
expires
Wed, 04 Oct 2023 21:18:22 GMT
25164635239000.png
bk.ibxk.com.br/2023/09/25/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/25/25164635239000.png?ims=400x300
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
5c4d8c1d71cb3f06e376df4cb71bdcd950b29f9f84f7a6a7a278c220a480ccd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
954
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
1602
expires
Fri, 06 Oct 2023 21:02:31 GMT
19160501921352.jpg
tm.ibxk.com.br/2023/10/19/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tm.ibxk.com.br/2023/10/19/19160501921352.jpg?ims=364x216
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
2b8ade183340a225b91127fb62b5abf38fe00e9c7e8e011f8b071ea0350bf993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
0.0.3
date
Thu, 19 Oct 2023 19:26:44 GMT
x-original-image-size
86387
x-ims
Enabled
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
content-length
16690
expires
Fri, 18 Oct 2024 19:26:44 GMT
01175356205001.png
bk.ibxk.com.br/2023/09/01/ 		432 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/01/01175356205001.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
a4f24f0c32add1aeb20f2d3af17d643736930f9027a0cce2adae064ee550c49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
297
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
432
expires
Tue, 12 Sep 2023 03:45:02 GMT
19115141775125.jpg
tm.ibxk.com.br/2023/10/19/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tm.ibxk.com.br/2023/10/19/19115141775125.jpg?ims=364x216
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
fff2f5d8ef03178ae1a956d4547509c1e591589ef61e5a69f02572d1ea7aed65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
0.0.3
date
Thu, 19 Oct 2023 19:26:43 GMT
x-original-image-size
26347
x-ims
Enabled
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
content-length
3702
expires
Fri, 18 Oct 2024 19:26:43 GMT
04173556646013.png
bk.ibxk.com.br/2023/09/04/ 		806 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/04/04173556646013.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
da6e5db23002b9c4c9e7330cc86471da5c47253cba0aeb3186ae8afbf563a49e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
650
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
806
expires
Tue, 05 Sep 2023 20:35:59 GMT
19112918931106.jpg
tm.ibxk.com.br/2023/10/19/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tm.ibxk.com.br/2023/10/19/19112918931106.jpg?ims=364x216
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
582854b9221a0ee17f876b0468d1b9163fc428e4e45383ac9275d5ce7195ecb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
0.0.3
date
Thu, 19 Oct 2023 19:26:43 GMT
x-original-image-size
367933
x-ims
Enabled
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
content-length
15768
expires
Fri, 18 Oct 2024 19:26:43 GMT
01175356267002.png
bk.ibxk.com.br/2023/09/01/ 		892 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/01/01175356267002.png
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
1a8f6d1446d2ab21a8237eab6092f2094cb532c9ff6fd6c86c2805ab61a55c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Azion IMS
x-original-image-size
463
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
892
expires
Sat, 02 Sep 2023 20:54:30 GMT
18161946748001.jpg
bk.ibxk.com.br/2023/10/18/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/10/18/18161946748001.jpg?ims=400x300
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
f6c1dcfa8f4ebf664f2f7056b68cf19f7e8926ed9617981ea0de9b09907c09cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
15760
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
9382
expires
Thu, 19 Oct 2023 19:20:54 GMT
21142524659001.png
bk.ibxk.com.br/2023/09/21/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bk.ibxk.com.br/2023/09/21/21142524659001.png?ims=400x300
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
c999d371261d5884f9bea49a3f1051793739b7f8680791a9fd21210e4be4c858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Azion IMS
x-original-image-size
56405
x-ims
Enabled
vary
Accept
content-type
image/webp
content-length
16270
expires
Fri, 06 Oct 2023 21:03:06 GMT
gtm.js
www.googletagmanager.com/ 		248 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7f00e1b94395c25fb501849ae6047001c868aeb36305678fb6a8974c8fc237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83771
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:43 GMT
/
www.tecmundo.com.br/comparador/ Frame 598B 		142 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/chunks/pages/index-2a9efd0ca35e5305.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
09dcaefd024d3b1a7cafa618c82815f1e253ae69e2d79822dfdf50d33034cbbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
cache-control
max-age=300
content-encoding
gzip
content-language
pt-BR
content-length
15805
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 19:26:46 GMT
expires
Thu, 19 Oct 2023 19:31:46 GMT
server
Apache
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding, User-Agent
version
2.10.9
%5Bslug%5D-4985bf6dbab70fd1.js
www.baixaki.com.br/_next/static/chunks/pages/blog/%5BcontentType%5D/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/pages/blog/%5BcontentType%5D/%5Bslug%5D-4985bf6dbab70fd1.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/chunks/main-9a1d5972fa372b2a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 05 Oct 2023 18:57:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:43 GMT
%5Bslug%5D-4985bf6dbab70fd1.js
www.baixaki.com.br/_next/static/chunks/pages/blog/%5BcontentType%5D/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/static/chunks/pages/blog/%5BcontentType%5D/%5Bslug%5D-4985bf6dbab70fd1.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/chunks/main-9a1d5972fa372b2a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
f374d3df04867ddfe5c2146d4402b5e171f95345158d21b38ebfaa49e2e9d195
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 05 Oct 2023 18:57:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:44 GMT
key-design-relanca-aplicativo-de-joias-masculinas.json
www.baixaki.com.br/_next/data/JhD5OpQ79jSCqLQU8pCTJ/pt-BR/blog/noticias/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/data/JhD5OpQ79jSCqLQU8pCTJ/pt-BR/blog/noticias/key-design-relanca-aplicativo-de-joias-masculinas.json
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/chunks/main-9a1d5972fa372b2a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
8671fdfce83f38fda3c0911e07b49bf4b7298baef06d71d3b1953dbf09b5ab4a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:44 GMT
x-nextjs-matched-path
/pt-BR/blog/[contentType]/[slug]
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
content-type
application/json
x-nextjs-cache
STALE
cache-control
max-age=300
expires
Thu, 19 Oct 2023 19:31:44 GMT
como-um-malware-no-celular-pode-afetar-seu-pc.json
www.baixaki.com.br/_next/data/JhD5OpQ79jSCqLQU8pCTJ/pt-BR/blog/noticias/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/_next/data/JhD5OpQ79jSCqLQU8pCTJ/pt-BR/blog/noticias/como-um-malware-no-celular-pode-afetar-seu-pc.json
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/chunks/main-9a1d5972fa372b2a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
133684e4f424f7b9866abc7d33697dfa6a79ff897a30f0fc2fcbc09dcf241dd4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

purpose
prefetch
x-nextjs-data
1
Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:44 GMT
x-nextjs-matched-path
/pt-BR/blog/[contentType]/[slug]
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
content-type
application/json
x-nextjs-cache
STALE
cache-control
max-age=300
expires
Thu, 19 Oct 2023 19:31:44 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 17:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5822
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 19:49:42 GMT
injector.js
tag.goadopt.io/ 		319 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3d0caf6097184ebc9c0c411588575d70bba301da133aef79de9936355b5a4f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 19:26:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYg023xIicBndOe7yNMzrGfdxjYqzwpx6A%2Bu0N9TIJCkTFD6geqv%2FGOVefuzB4jnJBkXSZar1BRYPM46C%2FtgLd0b80Ru%2BmuLWzdmhvotZXsirfsIqi%2FtHMj0rCffeMc%2FAG3GpB0qKHWS3GSf"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
818b6a1579db372c-FRA
alt-svc
h3=":443"; ma=86400
request-context
appId=cid-v1:
cmm3u97hf1
www.clarity.ms/tag/ 		650 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cmm3u97hf1?ref=gtm2
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
444dd4e9680d0656ec483ee5e3f6dcf0594fa3acd772fc6393fa74a5fc942be0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
-1
date
Thu, 19 Oct 2023 19:26:44 GMT
x-azure-ref
20231019T192644Z-fpx6ahrzhx76mdt8gm9ftd92bn00000002w000000000fuf9
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
cmm3u97hf1
www.clarity.ms/tag/ 		650 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cmm3u97hf1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7acd7c240fb4ea525f3e01c254d6efa248f454deca1da12a02426b2faf73b8f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
-1
date
Thu, 19 Oct 2023 19:26:44 GMT
x-azure-ref
20231019T192644Z-fpx6ahrzhx76mdt8gm9ftd92bn00000002w000000000fufa
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
pushnews-launcher.js
cdn.pn.vg/push/ 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
via
1.1 aa393156633f77c48a95484592ea7686.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP53-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Feb 2023 18:33:43 GMT
server
cloudflare
etag
W/"3b0072743385c7b1bb595312ab9c3eab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh2GmFjtREku1Gk8t58AQST7p7ziUCDnzfBgoB0wq7RUHEx4KofB566Rf2I5c5%2FgfHlA%2BWFSk7xzebbc0GcDoRNMHj7PP6EE6JacljYJ1706PXYDRB4AjZJ7e8vGYyErfy%2FoqY0KcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
818b6a164918381f-FRA
x-amz-cf-id
dozR6mD4AvRpadIjXUAiZYCzh1UbmrepiGhsRAPK7nxolOBQtdVmOA==
js
www.googletagmanager.com/gtag/ 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca0e9d0df1239c65953a8661cc03c1ba420845f5d0fe522a75b4e5612256bda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93245
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 19:26:43 GMT
a
www.googletagmanager.com/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.baixaki.com.br%2F&tdp=GTM-PLT9M46;48907248;0;0;0&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.baixaki.com.br%2F&tdp=GTM-PLT9M46;48907248;0;0;0&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:43 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:43 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1googtag.1ua.1paused.1paused.1hl.1cl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1cl.1lcl.1lcl.1lcl.1html.1html.5html.1html.5html.1html&ti=2googtag.1ua.2paused.2paused.1hl.1cl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1lcl.1cl.1lcl.1lcl.1lcl.1html.1html.1html.1html.1html.1html&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c280513be5514ce624dc684ba0b33c5e415cdcc3810bbdeb99454533761ec046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29233
x-xss-protection
0
server
cafe
etag
507 / 19649 / 31078969 / config-hash: 16194952757596211065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:44 GMT
tm13767.js
tag.navdmp.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13767.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 May 2023 18:47:14 GMT
server
cloudflare
age
2027
etag
W/"6470feb2-432e"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
818b6a1748f3085d-FRA
expires
Thu, 19 Oct 2023 19:52:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d808ebecee94046027c9de129d788231c191bf793583957a4e85f13f02a72e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Origin
https://www.baixaki.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51389
x-xss-protection
0
server
cafe
etag
6050813195208428095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=10800
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:44 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=*&eid=3&u=AAAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtm.dom&eid=4&u=AAAAAAAAAAAAAACA&h=Ag&tr=1html.1html.1html.5html&ti=1html.1html.1html.1html&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
region1.analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je3ai0&_p=53756776&_gaz=1&cid=634115515.1697743604&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697743604&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJP529EVF&cid=634115515.1697743604&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDJP529EVF&cid=634115515.1697743604&gtm=45je3ai0&aip=1&z=368223078
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=53756776&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1386652786&gjid=114258005&cid=634115515.1697743604&tid=UA-144680-1&_gid=2090811088.1697743604&_r=1&_slc=1&gtm=45He3ai0n81PLT9M46&z=641794653
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144680-1&cid=634115515.1697743604&jid=1386652786&gjid=114258005&_gid=2090811088.1697743604&_u=YADAAEAAAAAAACAAI~&z=2004108357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Oct 2023 19:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.12/ 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.12/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cmm3u97hf1?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
content-encoding
br
last-modified
Thu, 12 Oct 2023 01:51:26 GMT
etag
W/"0x8DBCAC5BF4C06D9"
vary
Accept-Encoding
x-azure-ref
20231019T192644Z-fpx6ahrzhx76mdt8gm9ftd92bn00000002w000000000fuft
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
eaaf15fb-801e-0077-1479-fefb4f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=634115515.1697743604&jid=1386652786&_u=YADAAEAAAAAAACAAI~&z=2020934675
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=634115515.1697743604&jid=1386652786&_u=YADAAEAAAAAAACAAI~&z=2020934675
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
y.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.baixaki.com.br
Date
Thu, 19 Oct 2023 19:26:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1643b1e1621b3669f5eb83e9b5ab37610e9d39b1fefa7d700b2d7157dbd50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137111
x-xss-protection
0
server
cafe
etag
15623610415199650822
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 7769 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Thu, 02 Nov 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		395 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.baixaki.com.br&callback=_gfp_s_&client=ca-pub-7019091094896260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60e7a130977468dd657cdfdb7451bfdd1b2aed628503affbb0d65d9c3b01bf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5C57 		25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1697736405&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697743604670&bpp=5&bdt=3204&idt=348&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6353969840584&frm=20&pv=2&ga_vid=634115515.1697743604&ga_sid=1697743605&ga_hid=53756776&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44802212%2C44759837%2C31077328%2C44795922%2C44805113%2C44805533%2C44805681%2C44805921%2C31078301&oid=2&pvsid=2381066866032716&tmod=518073552&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf18b3cbc63097c6d6feea2156a89b1f6f709d58a57a5ddbba1945188485c123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5626
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Thu, 19 Oct 2023 19:26:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=new-float-ads&cls=new-float-ads&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get-consent
disclaimer-api.goadopt.io/api/tag/ 		141 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a47ef3d5747219fc5fbfad88863a8d9a451771de8a30a16d9b794a3c77e3beac

Request headers

Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
request-context
appId=cid-v1:
server
cloudflare
etag
W/"8d-MWpPMFzldW43QA54cgVfwq1fL3s"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.baixaki.com.br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HfaOj%2FUn4E5ilez3KOs8RX7XyTQdAAwckyhmH%2F8mLQuPcTlt5Qb8cv9V8Oq%2F4PfAFbC7OFpxQk15u9ifba2TA4ww6hoiaAtYtNJqPHC6qQixUenUDKcKRi%2FHD8uq2lp9ETp9T1Y2zrFgBSnzD%2BkwDoWD4EIfcQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
5
access-control-allow-credentials
true
cf-ray
818b6a1e6e83372c-FRA
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang
5bf881a8-5b79-4aea-b103-91e5386249de.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5b13b9c000b55744f9cd5f0de25af30125eef4101c68a3c94bff012e20cc48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
via
1.1 93c05674a873410f17afbb33f0b6fa7c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR61-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 19 Jul 2023 17:35:31 GMT
server
cloudflare
etag
W/"e5d6b1786865ca6a8ea954fdcd4bd98f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUfDcN9XHi%2FcbJgF5PwVwShcO4EY5opjN9dnIz%2Bc2AQ6BdizwhVIQt9qIyRqQCvw7G1P8yL5Ef%2FuumYoMCuDGRAuFjS1U3ntpRScYzmBSgOoKmdHxMnN5HFGzuNpgQfMqn%2Bt5v6ayw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
818b6a1e6d4b381f-FRA
x-amz-cf-id
v3RHq1c5XDcvfPHmvEpf61IomLa8n1kRO_n-HA1OePdM99p7QAMLXA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
31762
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 18 Oct 2024 10:37:23 GMT
usr
usr.navdmp.com/ 		77 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbd742a08994ef0fdf3c3dbe43c97abc31f993e30353472e78cfb647f669234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Thu, 19 Oct 2023 19:26:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
818b6a1e8aa2085d-FRA
expires
Thu, 19 Oct 2023 20:26:45 GMT
collect
y.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.baixaki.com.br
Date
Thu, 19 Oct 2023 19:26:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d230704768b5d2358d010d93a6c9b6bbe42e67befe603e710a6b2cbad945fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32780
x-xss-protection
0
server
cafe
etag
14007116550525367297
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:45 GMT
ilabspush.min.js
cdn.pn.vg/push/ 		219 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2eacf94143cbddb9f47389da0c2ee35b307fc3cc816bd22136282465486c2da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
via
1.1 b81d17a9e7eef1e489776410aee346e2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG50-P1
age
1670
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 10 Oct 2023 21:21:42 GMT
server
cloudflare
etag
W/"3d22feb02bb05bfe4faae54cff88e4d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2xtHloHZNRCDmhOZ4uKMppwqTe7YZ3bzwk94kPUheuEEUzNdYrPabNlblBB4Af%2Bi%2Fa84ezIyFBGTp72hTx42SxXZegRv3KX%2BF74CpNIl6kK28Dn7MSieULLwIyhpZpGMNaFj04pTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
818b6a1ecdd4381f-FRA
x-amz-cf-id
tc4Rmmt2_IkOImC-Zl--pUB4moVWvXKv3FQSDBsUB4YWpcdHrUMH4Q==
pushnews-sw.js
www.baixaki.com.br/ 		95 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.baixaki.com.br/pushnews-sw.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
3.0.4
date
Thu, 19 Oct 2023 19:26:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 19:32:14 GMT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
expires
Sat, 18 Nov 2023 19:26:45 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		218 KB
70 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2381066866032716&correlator=1815757362271311&eid=31078969%2C31078934&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=36373682%2Cbxk%2Chome%2Cpremium%2Cdesktop%2Cleaderboard_top%2Cancora%2Cleaderboard_middle%2Chalf_page%2Csquare&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F5%2C%2F0%2F1%2F4%2F6%2C%2F0%2F1%2F4%2F7%2C%2F0%2F1%2F4%2F8%2C%2F0%2F1%2F4%2F9&prev_iu_szs=1x1%7C800x500%7C1920x750%7C1900x935%7C1920x1080%2C728x90%7C970x250%7C970x90%7C1x1%2C970x90%7C1x1%7C728x90%2C1x1%7C728x90%7C970x90%7C970x250%2C1x1%7C300x600%2C1x1%7C300x250&ifi=2&didk=606830616~1219620439~3093749535~4122620516~445717446~3618103558&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc62bdc05e2562fde-226f1ad3f0e20087%3AT%3D1697743605%3ART%3D1697743605%3AS%3DALNI_MY_aSsPa8NLkQaGrUpgbPraX56xBw&gpic=UID%3D00000c9cae9eb129%3AT%3D1697743605%3ART%3D1697743605%3AS%3DALNI_MYyHPgAYJmd8Ys8zST7YPL2QXD6ug&abxe=1&dt=1697743605669&lmt=1697736405&adxs=400%2C436%2C315%2C436%2C1090%2C1090&adys=0%2C211%2C1110%2C3683%2C2965%2C2975&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=1600x-1%7C728x250%7C1600x5268%7C970x250%7C300x0%7C300x0&msz=1600x-1%7C728x0%7C1600x-1%7C728x0%7C300x0%7C300x0&fws=516%2C4%2C512%2C4%2C4%2C4&ohw=1600%2C728%2C0%2C970%2C300%2C300&ga_vid=634115515.1697743604&ga_sid=1697743605&ga_hid=53756776&ga_fc=true&dlt=1697743601466&idt=4175&prev_scp=%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=1286048242%2C3987075887%2C2460663856%2C2443166763%2C35649785%2C3654451204&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
680f4abc07f09237d349e1212e54b1b4ffb3cfe8201e2ac05f368597ac9c4393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72057
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9585 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Fri, 18 Oct 2024 19:26:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=1380731dd5e85dbe60f411ef5810&acc=13767&url=https%3A//www.baixaki.com.br/&tit=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%EA&h1=milhares%20de%20apps%2C%20jogos%20e%20programas%20para%20voc%EA.
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
818b6a1fcc5e085d-FRA
content-length
6
content-type
application/x-javascript
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&e=gtm.dom&eid=4&u=AgAAAAAAAAAAAACA&h=Ag&tr=5html.5html&ti=1html.1html&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=*&eid=30&u=AgAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=*&eid=31&u=AgAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=*&eid=32&u=AgAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=*&eid=33&u=AgAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
5bf881a8-5b79-4aea-b103-91e5386249de.json
osp-assets.pn.vg/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://osp-assets.pn.vg/5bf881a8-5b79-4aea-b103-91e5386249de.json
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7B916NP2A22N8Y53
age
87665
x-amz-server-side-encryption
AES256
x-amz-id-2
9LwgRzyJxpZ2eU340Yi9VAtJyZY5RLJQY9YLE2bTAPOMIF2+IULM4tvhVgsga1jr8wT5Hybw/FyVoh8Ab2U6B6NJSEvxH4ST
last-modified
Mon, 17 Oct 2022 15:18:42 GMT
server
cloudflare
etag
W/"4466c94390027d272a7ef7edb68cf327"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, PUT
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51TxPw4BZrdZsRwwvINxgxQaKvVw1CIA%2Fqqw0uYbiaWxCVJx%2Bi6xLH4djRmzG1vgZduE%2FjGjn%2BsLV6gXu1qcQlrmH4kK2BLaX4exm78snMqkO6CIiCtWC1JR8FRw3d9iDPk9K5Yc0Vdk5hh6xTM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
cf-ray
818b6a210a2c2be8-FRA
PushnewsSubscriptionSDK.js
cdn.pn.vg/push/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:45 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
1415
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 May 2023 17:43:50 GMT
server
cloudflare
etag
W/"d83660b1645b3c67ae586e71ccd92e33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvD2EoxRANFdATQK2gBsWDoF%2BSMbx8heDj1muez2x7fhaNzWufig5LuwHwXT%2FV7Zd%2BL19L7Ufgelfma%2FvGz2OOmrX5X%2B4nBXYZGwr0lDi7hn8Ykz%2BPu4LD%2FShh8EhCXvRYoq5p%2FKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
818b6a206ff9381f-FRA
x-amz-cf-id
rvuDe3h1j7tsom4sM2TovJNACkJ2-_v15MGV0DBy-grgRpWOqYe4Dg==
/
p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/ 		412 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.95.152.229 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Max-Age
86400
Connection
keep-alive
Access-Control-Allow-Method
GET, OPTIONS
fa-solid-900.woff2
www.tecmundo.com.br/comparador/static/production/css/webfonts/ Frame 598B 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/static/production/css/webfonts/fa-solid-900.woff2
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Origin
https://www.tecmundo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
2.10.9
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-length
50372
last-modified
Wed, 27 Apr 2022 17:21:33 GMT
server
Apache
etag
"c4c4-5dda60a743f78"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-language
pt-BR
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 19:31:46 GMT
plugins.css
www.tecmundo.com.br/comparador/static/production/css/ Frame 598B 		188 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/static/production/css/plugins.css?v=1110
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
8d7b3643b7d5c5a5cc315ae1c4c64351ca66c31884e6703833f17045471eca4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
2.10.9
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 18:15:33 GMT
server
Apache
etag
W/"2f0ff-604a09cd9e4e0"
vary
Accept-Encoding, Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
content-language
pt-BR
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 19:31:46 GMT
style.css
www.tecmundo.com.br/comparador/static/production/css/ Frame 598B 		117 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
c5bcaccbfad38f670355de3986466a6d4f5fc5c74a874d9f6078365084d3f02b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
2.10.9
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 18:15:33 GMT
server
Apache
etag
W/"1d4be-604a09ce1a540"
vary
Accept-Encoding, Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
content-language
pt-BR
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 19:31:46 GMT
js
www.googletagmanager.com/gtag/ Frame 598B 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138518480-4
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
791d83d6de49b8dac7d5dd678632ceb3c902eefcf173893e21383f7cd5f30143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69261
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 19:26:46 GMT
plugins.min.js
www.tecmundo.com.br/comparador/static/production/js/ Frame 598B 		104 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/static/production/js/plugins.min.js?v=1110
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
02bbeda80ceeb8921f45a12d547bcd54e39948b71c7f172a4f0c825cdc6844db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
2.10.9
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-encoding
gzip
last-modified
Fri, 15 Jul 2022 16:11:26 GMT
server
Apache
etag
W/"1a0a6-5e3da453339d0"
vary
Accept-Encoding, Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
content-language
pt-BR
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 19:31:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 598B 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab6dcdc369826bee6e938dc38494c1efc85f0e315c24e11dc25b5a32c556f426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29402
x-xss-protection
0
server
cafe
etag
622 / 19649 / m202310160101 / config-hash: 16194952757596211065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:46 GMT
css2
fonts.googleapis.com/ Frame 598B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd11611c519a8292e00750c134608f8479e2720d244ebd77e12e6846a1dbfeae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 19:26:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:46 GMT
tecfriday.webp
www.tecmundo.com.br/comparador/static/production/images/ Frame 598B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tecmundo.com.br/comparador/static/production/images/tecfriday.webp
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
42413772d3607ab5aa44b4b1eeaee98e932f9251724ddaecaf38d00809f9710d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 18 Oct 2024 19:26:46 GMT
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Azion IMS
x-original-image-size
15944
etag
"a12b69f8937e0fb133ae84fb566152886a87fa6f"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
x-ims
Enabled
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12192
version
2.10.9
blank200x200.png
www.tecmundo.com.br/comparador/image/ Frame 598B 		138 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tecmundo.com.br/comparador/image/blank200x200.png
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
175b616d38847e1451a8d93d960619befe774aefeffe27de39ac918fc6981d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 18 Oct 2024 19:26:46 GMT
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Azion IMS
x-original-image-size
321
etag
"c5070831bc9c7848bd17d846e06bd7d8cf38bb12"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
x-ims
Enabled
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
138
version
2.10.9
363_Slide146.jpg
www.tecmundo.com.br/comparador/uploads/banners/ Frame 598B 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tecmundo.com.br/comparador/uploads/banners/363_Slide146.jpg
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
771038d843b308b2b343a3b4e3b21b5d7a343777cba61729fee27c7a5d4c6d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 18 Oct 2024 19:26:46 GMT
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Azion IMS
x-original-image-size
31425
etag
"5363ef4a95d9294ed6301c9cab5172b53a815a64"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
x-ims
Enabled
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14616
version
2.10.9
364_Slide147.jpg
www.tecmundo.com.br/comparador/uploads/banners/ Frame 598B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tecmundo.com.br/comparador/uploads/banners/364_Slide147.jpg
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
dc6a9376154a665147945c07a00560ca80df36ea06949ac8e0a0426c3473014e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 18 Oct 2024 19:26:46 GMT
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Azion IMS
x-original-image-size
11447
etag
"264b33a4f6038c5dac804721042e5c4fe5727759"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
x-ims
Enabled
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5886
version
2.10.9
plugins_defer.min.js
www.tecmundo.com.br/comparador/static/production/js/ Frame 598B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/static/production/js/plugins_defer.min.js?v=1110
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
afddaa8a919a8a33ced38eeae1ee7bbe21d66458941b560561fe100938148c00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
2.10.9
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 17:21:33 GMT
server
Apache
etag
W/"1d760-5dda60a746c68"
vary
Accept-Encoding, Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
content-language
pt-BR
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 19:31:46 GMT
system.min.js
www.tecmundo.com.br/comparador/static/production/js/ Frame 598B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/static/production/js/system.min.js?v=1110
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
36bbf4b3490c908ed266fa0da7fb15eb18e7278509c9bf4f9d8f958d7ce204a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

version
2.10.9
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-encoding
gzip
last-modified
Thu, 09 Mar 2023 19:56:14 GMT
server
Apache
etag
W/"5e7c-5f67d097f0328"
vary
Accept-Encoding, Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
content-language
pt-BR
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 19 Oct 2023 19:31:46 GMT
gtm.js
www.googletagmanager.com/ Frame 598B 		121 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5ZFH2FM
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
202e73c36b7b4dad06c758d0aaa40da6f528bf9d4d1b30d4818d0af8429519b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47524
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:46 GMT
beacon.js
sb.scorecardresearch.com/ Frame 598B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 07:14:51 GMT
content-encoding
gzip
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
43916
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
hJ-R9BiFyFzwRnpUb5nBPzzXNcdQfCfypl1fztZiZdsQ3jXhcNtTew==
chartbeat.js
static.chartbeat.com/js/ Frame 598B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 17:22:01 GMT
content-encoding
gzip
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
7485
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
-FgBqvGGMb-eiibimPHCx95QSBQehvlFe1sk2TYYYrKXa5gfUNHNdg==
expires
Fri, 20 Oct 2023 17:22:01 GMT
logo-tecmundo.png
www.tecmundo.com.br/comparador/static/production/images/ Frame 598B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tecmundo.com.br/comparador/static/production/images/logo-tecmundo.png
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
3c53ad775bdb28fce9a0385cc600f8952d2054ef431b58a2be38faf7a9a32d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 18 Oct 2024 19:26:46 GMT
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Azion IMS
x-original-image-size
6389
etag
"5d216eb63ec454e27b75ef5103adb0725de7be55"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
x-ims
Enabled
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5980
version
2.10.9
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 598B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Origin
https://www.tecmundo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 07:08:08 GMT
x-content-type-options
nosniff
age
562718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 07:08:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 598B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Origin
https://www.tecmundo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:21:23 GMT
x-content-type-options
nosniff
age
295523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 09:21:23 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 598B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Origin
https://www.tecmundo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:37:45 GMT
x-content-type-options
nosniff
age
269341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 16:37:45 GMT
webglobal-logo-footer.png
www.tecmundo.com.br/comparador/static/production/images/ Frame 598B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tecmundo.com.br/comparador/static/production/images/webglobal-logo-footer.png
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Azion IMS /
Resource Hash
87b4f1657d1e30b19ee3b393c4678eeeac781512548b1bf19858c758d313ba53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/comparador/static/production/css/style.css?v=1110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 18 Oct 2024 19:26:46 GMT
date
Thu, 19 Oct 2023 19:26:46 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Azion IMS
x-original-image-size
1580
etag
"05953f0499e73b61a26f15d9063264c8e06c232d"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/webp
x-ims
Enabled
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1118
version
2.10.9
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 598B 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tecmundo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:38:48 GMT
x-content-type-options
nosniff
age
96478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20064
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:58:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 16:38:48 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ Frame 598B 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tecmundo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 19:45:26 GMT
x-content-type-options
nosniff
age
517280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19156
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:04:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 19:45:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ Frame 598B 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:53:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
1970
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135102
x-xss-protection
0
server
cafe
etag
524636607866283267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 18 Oct 2024 18:53:56 GMT
js
www.googletagmanager.com/gtag/ Frame 598B 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138518480-4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZFH2FM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5be1c07db9d4366b23e49882d488975596437bc5552f05415ee846698263aa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68397
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 19:26:46 GMT
js
www.googletagmanager.com/gtag/ Frame 598B 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144680-14&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZFH2FM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47ac5957f24fcfbe3f3858d7f973498c6d4695210ca82073811f4ed6dcea5fdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69255
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:46 GMT
universal.min.js
tag.navdmp.com/ Frame 598B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
1033
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
818b6a26ce5e085d-FRA
expires
Thu, 19 Oct 2023 20:09:33 GMT
js
www.googletagmanager.com/gtag/ Frame 598B 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WZZ7CHGVYD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138518480-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
009c9739e48c0eafb4f5488cb5c7d7ad5b48e87b3f9b83a06d427643354e970a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91769
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 19:26:46 GMT
analytics.js
www.google-analytics.com/ Frame 598B 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138518480-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 17:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5824
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 19:49:42 GMT
b
sb.scorecardresearch.com/ Frame 598B 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1697743606840&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%3Futm_source%3Dbaixaki%26utm_medium%3Diframe%26utm_campaign%3Dhomeportal&c8=Comparador%20TecMundo%3A%20as%20melhores%20ofertas%20est%C3%A3o%20reunidas%20aqui&c9=https%3A%2F%2Fwww.baixaki.com.br%2F
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
HJID5PMKWWAc5wvGlzz1eWaO_37wYsNrXQOrQjhOGUY-uviADF0S7g==
x-cache
Miss from cloudfront
ping
ping.chartbeat.net/ Frame 598B 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=tecmundo.com.br&p=%2Fcomparador%2F&u=1trPiD7dC9zDJMjb5&d=tecmundo.com.br&g=55260&g0=home&g1=WebGlobal&n=1&f=00001&c=0&x=0&m=0&y=6431&o=1140&w=560&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fwww.baixaki.com.br%2F&PA=https%3A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%3Futm_source%3Dbaixaki%26utm_medium%3Diframe%26utm_campaign%3Dhomeportal&b=3261&_c=homeportal&_m=iframe&_x=baixaki&t=Dsf_gqBdQ1cZDnGDBbBp6M6dD59tPP&V=141&i=Comparador%20TecMundo%3A%20as%20melhores%20ofertas%20est%C3%A3o%20reunidas%20aqui&tz=-120&sn=1&sv=B-2HgYBMf1ZTD4FW2EDjVcYSBum-82&sr=https%3A%2F%2Fwww.baixaki.com.br%2F&sd=1&im=067b2fff&_
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
13767
tag.navdmp.com/u/ Frame 598B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/13767
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d5ca5aa304636bbd4445292c0ce7b26a8d39d838d2fb90d2ff0edffffc51ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 26 May 2023 18:47:14 GMT
server
cloudflare
etag
W/"6470feb2-d3e"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
818b6a271eca085d-FRA
expires
Thu, 19 Oct 2023 20:26:46 GMT
js
www.googletagmanager.com/gtag/ Frame 598B 		229 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WSNXN0LDEB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144680-14&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6d3a9d0745779c3f5ecdcd98aca2ca9a4da0b89ec58a2d86236ea7a6eb71bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82512
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 19:26:46 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 598B 		82 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3152756793657750&correlator=350550892375356&eid=31078934&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Ccomparador%2Cleaderboard%2Chalf-page%2Chalf-page2&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C160x600%2C160x600&ifi=1&sfv=1-0-40&sc=1&cdm=www.tecmundo.com.br&abxe=1&dt=1697743607001&lmt=1697736407&adxs=15%2C-12245933%2C-12245933&adys=211%2C-12245933%2C-12245933&biw=-12245933&bih=-12245933&isw=1140&ish=560&scr_x=-12245933&scr_y=-12245933&ucis=ml17icc98vty%7Cblcgmztu9tdy%7Ccw6bm2814gh4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%3Futm_source%3Dbaixaki%26utm_medium%3Diframe%26utm_campaign%3Dhomeportal&ref=https%3A%2F%2Fwww.baixaki.com.br%2F&top=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=1140x90%7C0x0%7C0x0&msz=1110x90%7C0x0%7C0x0&fws=256%2C384%2C384&ohw=0%2C0%2C0&ga_vid=1896194946.1697743607&ga_sid=1697743607&ga_hid=1378100481&ga_fc=true&dlt=1697743606574&idt=396&adks=1936759415%2C916682674%2C3742473635&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3eb432bc7d336bd8d2ef4654bb68e6964b9a3f62bedc67d0a95dc6080cbd634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26075
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.tecmundo.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6338 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
expires
Fri, 18 Oct 2024 19:26:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usr
usr.navdmp.com/ Frame 598B 		104 B
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13767&u=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ea940d593abb0842cded2bed0e4917cb80587ae05c73fc9eab30aee5d400852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
max-age=3600
act
f0
cf-ray
818b6a2868db085d-FRA
expires
Thu, 19 Oct 2023 20:26:47 GMT
req
cdn.navdmp.com/ Frame 598B 		6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=1380731dd5e85dbe60f411ef5810%7C0&acc=13767&tit=Comparador%2520TecMundo%253A%2520as%2520melhores%2520ofertas%2520est%25E3o%2520reunidas%2520aqui&url=https%253A%2F%2Fwww.tecmundo.com.br%2Fcomparador%2F%253Futm_source%253Dbaixaki%2526utm_medium%253Diframe%2526utm_campaign%253Dhomeportal&upd=1&new=1&ref=https%253A%2F%2Fwww.baixaki.com.br%2F&h1=Comparador%2520TecMundo
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
818b6a299a96085d-FRA
content-length
6
content-type
application/x-javascript
banner
www.tecmundo.com.br/comparador/banner/view/ Frame 598B 		15 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tecmundo.com.br/comparador/banner/view/banner?id_banner=363&d=1697743607468
Requested by
Host: www.tecmundo.com.br
URL: https://www.tecmundo.com.br/comparador/static/production/js/plugins.min.js?v=1110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept
*/*
Referer
https://www.tecmundo.com.br/comparador/?utm_source=baixaki&utm_medium=iframe&utm_campaign=homeportal
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:31:47 GMT
date
Thu, 19 Oct 2023 19:26:47 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
server
Apache
vary
Accept-Encoding, User-Agent
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
content-language
pt-BR
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
15
version
2.10.9
sodar
pagead2.googlesyndication.com/getconfig/ Frame 598B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310160101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b794559b0951df9a06ee583120e1f09f06a8685c3db2b696cd21c9a8c948458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12263
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F4B50DE7DCD34672BE4EF761B34A3C45&RedC=c.clarity.ms&MXFR=30B65B7359A8685E24AA48DC5DA86621
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F4B50DE7DCD34672BE4EF761B34A3C45&MUID=08762F8EA1796FC82E303C21A0D56EA0
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F4B50DE7DCD34672BE4EF761B34A3C45&MUID=08762F8EA1796FC82E303C21A0D56EA0
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A677B7CA5EFF46E7BF430A8CD7137306 Ref B: FRA31EDGE0709 Ref C: 2023-10-19T19:26:47Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F4B50DE7DCD34672BE4EF761B34A3C45&MUID=08762F8EA1796FC82E303C21A0D56EA0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15ab765024d157f18e5648c1a518fc3b16824d8f28e8d62d77fc620f70696566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12156
x-xss-protection
0
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtm.load&eid=39&u=AgAAAAAAAAAAAACA&h=Ag&tr=1sdl.5sdl&ti=1sdl.1sdl&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=53756776&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=10&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=634115515.1697743604&tid=UA-144680-1&_gid=2090811088.1697743604&gtm=45He3ai0n81PLT9M46&z=2006228419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 03:45:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56477
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
y.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.baixaki.com.br
Date
Thu, 19 Oct 2023 19:26:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
container.html
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EBA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
expires
Fri, 18 Oct 2024 19:26:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 072B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
expires
Fri, 18 Oct 2024 19:26:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1AE7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
expires
Fri, 18 Oct 2024 19:26:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 598B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tecmundo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 19:26:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 19:26:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9742 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW8EMqpOMfHZF7dSFgnh1GBpLEEmp_53Zui7QbkOS8Q9KKm2uDAJjnIFvUTd2PoQjhnstBnXuIf9sni2Nyqz7f-YBySMtQ_YgAPnsWjnJFoPLhPP7JcLjwU7l3OEW_9Kh5AXA5dWkibmxDV3bXtEcmu-PHid-zdUHa_1dF4OjrjpAj3RTQ
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4EBA 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUbX4iUoKOCItSySykn_dxcAouUEr0L3_rWSvGkUhh-DAROAWU7uvJj9be_KgML3C588rzTgZug00DyIjyIwB4hGSOLbnCXgk68hyM7qTu6ev15Qs
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1134656253646209928&x=1&ct=77
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 4EBA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 4EBA 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 4EBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS25HPwBjI9HilcUMc5czSKAqgG8XGdmVrQersVHQMt4MyFZBlQ-d7yaOHG2tUaTJ2EttT0MEM9gAmEoLL09EzUKxqMUw
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4EBA 		195 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6175 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXKtQLh5Nnztj5J46W5tfGzpkmIHnQZMH23N_YhI_RUtLJarr86A8ZJAosHzWxkckrEaqtpFb1-duKPSiy7Q3s05Xb2vFBa0xxMToJdoXeuppQb9HfBEMPNmsKYN4I9PEh4t7PcTxIz03YXqaOmPqVeZo4at8--kquhle7agezc7hc0bB8
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 072B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 072B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D17n3FYbLJ7RBwJhlxiKjsQRDNoIx7wHKo0ltstUtSnXe5Gu26WbtIymeXvHAIjqEmo2Kf5mDjcdaFBUBTVoyjJm_mU1Vae5gbHJbOYKP2SdMsE8c
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 072B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10347433142770739395&x=1&ct=77
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 072B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 072B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 072B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOMAHN2iuhNEqIUP1Db3CSPe1hVfkoPfPj66cVtNTAQ47YAQEFOc4tl741KExXYLG-c9_pby0qqbqsxSUW6iAHv0QrZw
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 072B 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1751 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXSq01MQi6gypPNYK-FE6OA2nobZTtl_z9L2YlJPNaSHh0YmEfhAfEaCGQeYr1A3paMbV9zpmkKYiAa7b-JKHC79Z2NGcGw3SA1wWCdIRqRRVa0hjj2aIc08luggTOncwGye_T-ppBjN8vNWqcBxfRLhC-xo040EAuSj9GBSVPCyCrzT_k
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1AE7 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AE7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALE29U6CUu_C4IR-O0ki4o5pAddxykrMLMleMmQR-RgSu2GXdkNV64jCOL8ZwYsbweMa9CspiZRg1b680lsRBzz7Nv06LJg0OC0Rw-ZSYhAX-MSZY
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AE7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13354954951250928926&x=1&ct=77
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 1AE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 1AE7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 1AE7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGm0MQhwUOHefc2xpHiZTUR534oD8gyjS28tJnZVdrhoTEKqy-3s2X8SAS-pjIRTd03tewdgDyiXv6EruiRABSTKKLJQ
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1AE7 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62757
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
rum
dsum-sec.casalemedia.com/ Frame 9742
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNqq1BtZAyCnH8ASVc7rFU&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNqq1BtZAyCnH8ASVc7rFU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW8EMqpOMfHZF7dSFgnh1GBpLEEmp_53Zui7QbkOS8Q9KKm2uDAJjnIFvUTd2PoQjhnstBnXuIf9sni2Nyqz7f-YBySMtQ_YgAPnsWjnJFoPLhPP7JcLjwU7l3OEW_9Kh5AXA5dWkibmxDV3bXtEcmu-PHid-zdUHa_1dF4OjrjpAj3RTQ
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r84dXPEyFvljAdAE9Z2Nl5bp%2Bmqu%2BxcXg9nBjOeuSdFtmy4TIAQ9FgDJtiZfA5XywWOYezVhB5IpS%2B9qdhd96aL3vsEAZ0TA4Ww77chRqkvH1vyPsdoV%2FW1NvqDainwmQpBEYsMuz6rAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b6a2d594f65b1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHNqq1BtZAyCnH8ASVc7rFU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9742
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGC9.tbuxAadueQhNxrYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW8EMqpOMfHZF7dSFgnh1GBpLEEmp_53Zui7QbkOS8Q9KKm2uDAJjnIFvUTd2PoQjhnstBnXuIf9sni2Nyqz7f-YBySMtQ_YgAPnsWjnJFoPLhPP7JcLjwU7l3OEW_9Kh5AXA5dWkibmxDV3bXtEcmu-PHid-zdUHa_1dF4OjrjpAj3RTQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FTAzjRom4ezPUhWDBWw4c4y5Ko5Z%2FzMy8RY82VJuoKMoVQOeHPoDoqncmA%2BtBPr1Ib8y%2FVEyc6W8MbmdijZWrYNzGJ6BVfG%2FqLJSN5w5xQg%2BR3ibj7%2B9FhsNlAaKvGsSxYvMjwOvOuhRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b6a2e2c593733-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9742
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELoqO0FxvZ5lQlpzXhmw77c&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELoqO0FxvZ5lQlpzXhmw77c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW8EMqpOMfHZF7dSFgnh1GBpLEEmp_53Zui7QbkOS8Q9KKm2uDAJjnIFvUTd2PoQjhnstBnXuIf9sni2Nyqz7f-YBySMtQ_YgAPnsWjnJFoPLhPP7JcLjwU7l3OEW_9Kh5AXA5dWkibmxDV3bXtEcmu-PHid-zdUHa_1dF4OjrjpAj3RTQ
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
an-x-request-uuid
ca366715-bcb8-4c3c-b341-d0f25d4e7d95
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELoqO0FxvZ5lQlpzXhmw77c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9742
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNW8EMqpOMfHZF7dSFgnh1GBpLEEmp_53Zui7QbkOS8Q9KKm2uDAJjnIFvUTd2PoQjhnstBnXuIf9sni2Nyqz7f-YBySMtQ_YgAPnsWjnJFoPLhPP7JcLjwU7l3OEW_9Kh5AXA5dWkibmxDV3bXtEcmu-PHid-zdUHa_1dF4OjrjpAj3RTQ
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
an-x-request-uuid
be24ce46-f263-4ebc-8f45-0f364b1eae1f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
x-proxy-origin
80.255.7.100; 80.255.7.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6175
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwpcJDpQP4Ul8CUfsQhcuY&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwpcJDpQP4Ul8CUfsQhcuY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXKtQLh5Nnztj5J46W5tfGzpkmIHnQZMH23N_YhI_RUtLJarr86A8ZJAosHzWxkckrEaqtpFb1-duKPSiy7Q3s05Xb2vFBa0xxMToJdoXeuppQb9HfBEMPNmsKYN4I9PEh4t7PcTxIz03YXqaOmPqVeZo4at8--kquhle7agezc7hc0bB8
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKwpcJDpQP4Ul8CUfsQhcuY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6175 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXKtQLh5Nnztj5J46W5tfGzpkmIHnQZMH23N_YhI_RUtLJarr86A8ZJAosHzWxkckrEaqtpFb1-duKPSiy7Q3s05Xb2vFBa0xxMToJdoXeuppQb9HfBEMPNmsKYN4I9PEh4t7PcTxIz03YXqaOmPqVeZo4at8--kquhle7agezc7hc0bB8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 6175
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMmO-RnbZzSXNeRglIcWHEA&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMmO-RnbZzSXNeRglIcWHEA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXKtQLh5Nnztj5J46W5tfGzpkmIHnQZMH23N_YhI_RUtLJarr86A8ZJAosHzWxkckrEaqtpFb1-duKPSiy7Q3s05Xb2vFBa0xxMToJdoXeuppQb9HfBEMPNmsKYN4I9PEh4t7PcTxIz03YXqaOmPqVeZo4at8--kquhle7agezc7hc0bB8
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:47 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEMmO-RnbZzSXNeRglIcWHEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6175 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXKtQLh5Nnztj5J46W5tfGzpkmIHnQZMH23N_YhI_RUtLJarr86A8ZJAosHzWxkckrEaqtpFb1-duKPSiy7Q3s05Xb2vFBa0xxMToJdoXeuppQb9HfBEMPNmsKYN4I9PEh4t7PcTxIz03YXqaOmPqVeZo4at8--kquhle7agezc7hc0bB8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:47 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 1751
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEEciOFCMs6abQKY7hTUh0Q&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 1751 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 1751 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXSq01MQi6gypPNYK-FE6OA2nobZTtl_z9L2YlJPNaSHh0YmEfhAfEaCGQeYr1A3paMbV9zpmkKYiAa7b-JKHC79Z2NGcGw3SA1wWCdIRqRRVa0hjj2aIc08luggTOncwGye_T-ppBjN8vNWqcBxfRLhC-xo040EAuSj9GBSVPCyCrzT_k
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Fri, 18 Oct 2024 19:26:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		181 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2381066866032716&correlator=797607519071644&eid=31078969%2C31078934&pied=Eh4KHAoaQ0lUN3EtVHJnb0lERlpMRDdRb2RGRE1LQnc.&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Cinternal%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&didk=1038626840&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Dc62bdc05e2562fde-226f1ad3f0e20087%3AT%3D1697743605%3ART%3D1697743605%3AS%3DALNI_MY_aSsPa8NLkQaGrUpgbPraX56xBw&gpic=UID%3D00000c9cae9eb129%3AT%3D1697743605%3ART%3D1697743605%3AS%3DALNI_MYyHPgAYJmd8Ys8zST7YPL2QXD6ug&abxe=1&dt=1697743607778&lmt=1697736407&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=634115515.1697743604&ga_sid=1697743605&ga_hid=53756776&ga_fc=true&dlt=1697743601466&idt=4175&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=2792147645&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7814192023cb69f7a017014199bb2488f493676bad5c1ce5f4cdcfa859bbd8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51991
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl_page_level_ads.js?cb=31078969
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
302eae0b72f980ef1698257b0d3452a8469f8c3b0754a06ebf3e6f7041eb43e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
31578
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13705
x-xss-protection
0
server
cafe
etag
3968778209274427424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 18 Oct 2024 10:40:29 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&es=1&e=gtm.scrollDepth&eid=40&u=AgAAAAAAAAAAAACA&h=Ag&tr=1ua.5ua&ti=1ua.1ua&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BB1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Fri, 18 Oct 2024 19:26:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9132 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Fri, 18 Oct 2024 19:26:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C3B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Fri, 18 Oct 2024 19:26:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8338 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:45 GMT
expires
Fri, 18 Oct 2024 19:26:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 10A9 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYv7ig5QEwAQ&v=APEucNXh0ah6GO63SrAx7bNHQYGlNtiziFY9ZiZG2xQvsh796QN3tZvQdnt2LbWD-5JAExtpS_h86yd5M3VTKJb3E-L8x2Zn0_WWl9tYRzw5o6y9wJPVF2uiCGPkyWvoKd4tjN-hZ-yzHKOkMsKVSPz2TLQWQKYkk95UeIfW5spVsf1nPKN7Blo
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 98B9 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Origin
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 20:02:15 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 98B9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 98B9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:04:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
4926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:04:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 98B9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
91444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 98B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 484A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11090
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 98B9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98B9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DT9NeqT9NluGMdwTP25ggdaI0A-KnXfU_MTRC9gnluhquo85rvno88sNA1e9uQCfGPhSmWubjWpKeDbfQaBXUmwbG7tKE4d6LTfrsbN2AxgX21-08
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 98B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfwjpMhQhNfaoOOkBS8rT970RqAsSxIqCPaP8chTqmrUyQwuX37kFErbspBpaZBpd-UJyCH8dlq1iKz_kw5p1IigwMww
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98B9 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 628E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:13:09 GMT
expires
Fri, 18 Oct 2024 19:13:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BC4C 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db62e35decd4fff416e3df524b8df20393fe84af831dea1ffdb96fbdaef6f7cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HlbtYVn5oVckRn2bqd2cVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HlbtYVn5oVckRn2bqd2cVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
expires
Thu, 19 Oct 2023 19:26:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDCE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tecmundo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:13:09 GMT
expires
Fri, 18 Oct 2024 19:13:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 057A 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e4b8ff2b5aa4dcd5ff661a4a74b30e225abfb0eefa368f1244b546de7dbee814
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jZqqgWyYlZr6j08Wr_RgEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tecmundo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jZqqgWyYlZr6j08Wr_RgEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:47 GMT
expires
Thu, 19 Oct 2023 19:26:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2901872423100&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2901872423100&version=m202309260101&ct=77&x=1&cor=1134656253646209900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4EBA 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5Tls8zhtqPBCqddpX07Qx69VALnowelQ5k2gKJo5uXUu5yiF1Qe7f7h_FbuhUeqkbt0jwEBDbAUNz4TAnAR2y6qDCLvpyKcY0CtjoQ6E2BFaF9el5abCaO2SRSjgiBNGpYLC-9nVYTK9Ys2CmIOCaXaOMbc6_xD8sZeFinezuUZ9WhEQ&cry=1&dbm_d=AKAmf-A2gTQNjn-LorJDzxj4AX8wDljjzYbzKv3mXkzn5EpummVsd7BdOJQtFe6g57kdQEibOsmAUqfjjj3_Dc2Wq7KymOGGOlKzz-X_vU0Yj3WwexDqRiDcFIX-pa5bdeerTahqKEB5NSWRFh5HNEX1XbPTmonNS4bs2TXeWXsChAktIv6D_Xya_lp7nTK9QZ86kRT9PT2XgGGlUMih6YJbrB-n61x2-rRa4llzA-ZMreqw1DgQ0Lgfjao9zgbwrYAKaL_Qmdl_TzQkCMhOb8zdB1HZb8y7z0w6EuKZaTQOkAaVBIDx5Dzu4uIw5nJkw0ML-OQALCKlJN9dZ8f6cw3ywQdY5_msWNlTcYvT5qM4Ab08qxVKeStizDTHHbWewjRiy0AEXIZjkvTNFGJg8Wak2Sez6STx4BpgpdxuZi87cAWf_EGCSrqI3m7Skjg-2cYY01ZL9_QH1298QuJxUdy2DTKOgMADhAJHyJ7sHdZMJ9bHr2hOhFXaJQKppFxiUfDb21f-ef8Njgf7pHkbkfmXRkhBfZbjdzp-zSeOXhz03xmfu_SN2lpjY99vbauNdMjYJqJQMmeG0xdX7aujpfXFcqCKM9q3ytz6_tHEy94zYwJ6QwxzyAj7S03M05mGe0PY372YAYGR6XTmdZ7fH2yNkHY2XQRo6GxwF2UHJHqXhjF5daN_7OTW8N9-YkoTnViWwhNshESdX1PDsqVVTkFtusRkQ3JbqOh2caYBqV6rGrE6dM-Vodmrc-y1VFsXIj6n4hPjz22xBrhyAsjs4hbRQrTvnKKB0Il58J-oU6k2Hm16lwxUerZ1y1zvybJs6DpNaJlECWn-zvSJbUlqT7licjXdKTTEX1T7vJVWvatfSut-E8g-rq5Rpzcaiw_954r7KaVjOv09yrGUZ7JqDEevn_LlZV4lNXoGszzvACrdefPKzCkgYn7pWscQpEViHF9PgIh-IjlUv8pjuIkaCXUjousUaqJ_PVloOkSBsTkqzdhq06mtHTaYi9eMi9vHPgR_aMuNDSm1F0YvkWWeI83mVE2hhn412wC5VrcyjYyl8YiBLxLFUdQnJ2hHIPQVMKnlaUybDLNIIvXML27tKgMoNqVQQYj_Dee5bfDRvywjrTBDVAi3oB388hLn-BWeHFo4rJe0hRGBnRLmS41fN3UUDay1TFFNLe41Dn4gGI7qXe4IHOUvXaFchnXhw4Fqp6aTnO-gDpFd6S8D3fEIEEp8keMKQe-dbJswDv6WobgQGFjNPGaA8B2ERXGfY6U67yZno7WuBwGjkre7oDW4mKUAnKuBdIeEwWI46MZfwgN44fFZMtYVSfQ80o8geYzX0UyRsjQ8nkQ2aWC6ZmamrqTNi3xXJPd2hT0p0NwcjnH_sZSA2LZRX3f1wMboIpi5-GeyBbtqhMOrBKtt_d7i_9yKr_72YCklXYrnr_KnPEcrRQiS5-xu1fdpKOfF0bx3vT8LMXkEc2ELA7KG7JiRYgz48I8lqgE0y_CRf7qYieTFcuobF8-sGrqcuBnMFWBgXxKMxpAnpuzWAkBdhWZ32AGah4S2fGhoo7-WCIq_sgv91-fWotPiaUBmCOKUT6K1fnfmBPD60z89Sj7DDwPWpmje0kw1qA49Emu5VZZ57eg9ag22cqK7jxn1dQWw_MaM9qW2AsAWMEMmTqVLvAfnocZTRkQQI6FdPwBsgdY3cmcwGsxv74wJ8xQrefcNtZcx_FeMGeCWVNrvJPj2Ix03ZmEEqhwrNtjTD6-Log9ibajWfdP44i9GktVD8W0Vp2quar9_gYE-OyF6gIGjxw4IvwuuunuyVm25EewiL-xI3nD0H7Bq5WWO5S_N6Ga7yG-3jDe0wV_HjmB9hHtizNbswL_HkM3aXKvaUCYNoSUo6pCW_Qw7ICLxk4B7dGnimaO-0omPT6ArlIZzLLrvEbZWWjoJolbWHkT0l8m8saE53D3YiNK1z7EgzbDD6LcUIo5I8_7sjNc6YQdbzvXoQ8bgMvIwpXsn9seXZA_ltgmKRgIMl33OC-Gr2MVYD6U9SeNpvD8EB7kLbJkGc0nhlvaBpc05gy2ntqcPKJBLo3k8Tm55ZGp7LvSu1PsBwK3wK88iTuVovElNDhWjUXxgHUdrG5mrmZ5itRoOEasRmIn-hGBH5VCRyY5b8w4_Pj5qA6LRKn9Ya5rWl2gcN9gFl-Q3kK7EHt2Cn0O1cLL_OektXJwlZdSkjS77F-guls8t6q35F9yOZ7ShZTVORp3qPSwiiMshOTY-bF0maCsmMzPThbHt4Yo8R3P8htFM3k1jH9DddQfsex1zogMLEi4vjKRaSj7YwRybi2drAeRR_HcHtid2apWgh_VMmDz-H66-5WJrWsamWdwb9vxN_PNa7lduuVv21aXN-XqQDt84H85V8DuS1nlVNrmrLnnNVFK52G_ys7VHkx5077i-ciKcDkgMTDwMg2kwFwsGOomU-jX_e7LxUYeHE2rs_P6XBmudALXGVGN9ZQ_KM59u3mQ2wIOBqrg5ja984sIzLPGrVWs0YzspZdwgl2xmjEptdTz0ZRnSoW3FPzpyaVe09g7Ydtkd99D4JpRFKGNHZ7vVxpfdMcGf9RtAOuonjwS7H5jHobs8zFFnHm0jKmn60BUfooCj75QbXJUotHuuv52Xar0SLOmQafVyhXYLRT24HblsgfNDKp69puyDlHkmv7nxC8TGGlLwtIxICq83gtVrYYmc12bKakf99XAK6dViSLRSuRt4CQeyEY5eCMfguQTxtgq-tbsWwINAE_opKzcljc9Nou9ngp7pw_QeHM1N7PF_FQlGLSYKuKJP_j_t6AR1l9wyXscQrHb0lvJaOwRzmKaFchCRe8JobrzZAc6QCywtrmNjKO98QIXqp4HuneOn4EB9jAlB6-0qiONWDSxljH8TwV8s7fmNRjSVQy1BYaXX9jCexNn6dCQZ7py7nsmxXiavSvWpoCZj-eiw9y-0SQoMoIiG-_zFmqK8SLc04n_7WJaqy-b1xqpROQvmzWxQtJuXGXRzS00Uda7zLoTqOMlU0q3RnxINjT_v4aFtXf-SybdUsiOhMG7JghxbFCRzHy37bKGG42K7DnFh1usVimkWSxjiFQEzEVSiTm3tMYKVI0YRFavyrbsefvm3Ja1WcmbSucFl16_gt7NyY-ToGSwJjK4J-C99WzIQpyxmKUaODwXdV91u78491rB4PMsSkjLeCezOXRBankL7CSR7O_-Nycs-bLuv3Qxiv9871wrSMW2KiWXWV_FcopCtAJyir_B-fLsH48NBR-TuYjzLGAOYnK2RUUH684ReoxOViRLQA5QcTfpEo1anlmE4evwcQKYpJnL5SJn6FuZwMptF-4mTVuYfbZsWm-_Scy2rPRp1APmIf9Z-0285LscpUP3lmBce9tDHv8aLZ_eRJFYA077nl09K00KDGytIN8ngcktFUTlIw1eY12nojbFitp3-FBJg2NaT-Zr3XUTFwgzYLKR5MBLuNHNX2mYw0yfrUCxt8QCM66iiopcjBmdB-OCTryuSbOPAsAu9yOZ0cWri9COHZ8mggcLEfvXA1JJrAQFqMnj24Vww64ICD1yLYbWNyrYuTmfsFLJW7gpg5XbUPbeL2ZJX-2dvysWBZYgGwzgcRlAa8qptyIEOBbeIBIhwngqK9fgzonk8azpiL_TJyJ4EPShXmqc3367UecYgBpHxYEf9phFW3I11T2fdUs-vYrc6PN_VJ0sEoCqxcSYGQj99wfpqg4JTZ13ng7xqFdDXuOwhZdCDQ-r7ksiCxONThszFZXbasVNOPcmcZYrQmbzfeaxOo8DJzTsjDhvXXWU4zJYrHO3WAjKacCw_4OZaf4Ecd_fp90m20_Bwd_B2BsBqTkHLsOFEgEGoCo9rNdF8N-E1jm4QJIn0BTGnE5wlfcqokjwnkzZ6L3BqpyN3O7McFDNtQGNUEv05wB6v-jKjKdBJgOh90UdSHE_DnU1QblUvS293Ehbqs51X5cNT85wnnkBP2OVO3Bp4v3gOWa59q24N9WqCHWKrMX_r0pKnIhStGGU5A18vtrP0koaPe-Gi4SKmo2vPXYmkJ6w&cid=CAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br&ds=l&xdt=1&iif=1&cor=1134656253646209900&adk=3676778483&idt=225&cac=0&dtd=41
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d63412fb6b27f60f969fadc2c9c475386331db2bc6feccce0e90c47597e8929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12159
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E4F9 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUlvzEC6m9rKtCWbP_1laQxNE5Wtxe5rBQPhEIRhs9KY4z0NFNKi8V3ByjKn_EcsIznaSuxw16tR95lbzUOVBBoe8CBYOsc85lQ-AKJJ8k-Esdjor_1FckqMmgHuREzWCtgKqvMe8tEWxYSSL18-xqtK-nrgTbROVGbEtAW8-L9g1Fh9ms
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6BB1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BB1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgKrRZLQmuehJZ8wRl8RWU1Cml4gxVQES7_i2zqP1OE3nxNeqj6jVhbKb7y8nvpGFq2vOCZp1CmH7Bx8j5FhRyRP6Tk347SwIDxvCK2tefbgmNWeA
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BB1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1274052178991113252&x=1&ct=77
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6BB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6BB1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 6BB1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvXHVIsEp06P2GW7NAAEdeUfOeci_3s6jXMGX_4cJTVjDmigs3q305cADOGdoRGY_zUiLpdbWLTAd9q9jb-waIOmnzAg
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6BB1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 93F8 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUUQI0gNt5Q0cO1rmKMq8uw6aGfveMx8TZtesvggdZefR7p8IG34VrdsminXB37Qc3Uvu5XdIXCXtJjNX5SdhjPeK6jkZTssrZCRW2f9fZ6ayE7kyh756GveDWsgTtpRJeAmF3uHckF_A1dqyA0YnOT5yQrWNmxns25eY5hAND8x3-gxiU
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9132 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9132 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARevfrNYuf6HDMF-qquk79-N2rcM2eEJUnXytw8PDFnPOEGb4IsWWFI2v56FZN0k4gOVg6y7DgKJsvHqOuu3xD5oMntaKShyXSfUfOCTE1J4IWyMA
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9132 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9234408372139535107&x=1&ct=77
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9132 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9132 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 9132 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_5NPf-5JdeQv1qZ-OjrEn4nSab5tS1S1dlSGjTfPKcokj3NFhuTrin0zcicDSl5qHWw-N2eLgcXFsjD9vcsOar3_gXA
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9132 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 148E 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXjQvkVOdiNDni7XYPGNCofYhIJLz-cizFs6b-QevhqPiifLiPPnfCVdpqD9me3LyPuIuTZGyCptQrB4krIFdWNfejsZMbty2ZayDsybhHtjg5liqqztjQ17B4pO5rLb5dgDThDeR--hu82aVpMDyLm2zYbLFtL5deAa64NmNRcentXkyg
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6C3B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C3B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8Wyq-xGEm2yHe7v6necDUunUsU_SM1oq9EChaz7KW07Oy0iH-LRaZX96CecNbgsQjtkCPNSOK18diMJwVQghbeNL01LeLzwIHoXTednKsUfOGTKs
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C3B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3809384833194545857&x=1&ct=77
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6C3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6C3B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 6C3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0Qfhl13EGEnEv83bS1hJzgxnMR38f22d0IDsGAyq-l8AFyrrSJYRiehpMPOsLSNfcsHKKAyTyHHlpQh2wlibd6bX2WQ
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C3B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4668 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXZXa54ZKmmeavqBq5Vz6LHZaFRGS9jbhqbjyTH-oJgkarHUVdquqX7eQqQbaZg6cFq3l6frCwGs5qjRFG5kii5T1ZnN02wdlaHRANXKwtpQjlduX9YG-dsMbOOxeiCHRmBEqQckLZLx7fxO93fYmCfh80ATLsoSlcucBvNFcAri58h6g0
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 19:26:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8338 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8338 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DmBSPREuSwCOsYxy3Blx-68lVeK3Tl2HKxFUE-mMDku9gLoLwptyzB_1YFnEZxhlZAPtWdSvxMgsxbqh38sruNu5KjsNAGKCvxXH8Jpaik1312-MM
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8338 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15497511220640748350&x=1&ct=77
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8338 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 8338 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
5161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8427
x-xss-protection
0
server
cafe
etag
8504628880869859743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Nov 2023 18:00:47 GMT
l
www.google.com/ads/measurement/ Frame 8338 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_yl-aR9Zn3Y615QI-o5aX_bdpCfnO-IRPcW8a7ibqSIuGZTCRPQMiiQ836c_SB8m3O2zFfTuQRTX_0BH-1SCsHRtz2g
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8338 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:26:48 GMT
rum
dsum-sec.casalemedia.com/ Frame 10A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYv7ig5QEwAQ&v=APEucNXh0ah6GO63SrAx7bNHQYGlNtiziFY9ZiZG2xQvsh796QN3tZvQdnt2LbWD-5JAExtpS_h86yd5M3VTKJb3E-L8x2Zn0_WWl9tYRzw5o6y9wJPVF2uiCGPkyWvoKd4tjN-hZ-yzHKOkMsKVSPz2TLQWQKYkk95UeIfW5spVsf1nPKN7Blo
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKKuMZlfVl8pzqU771EN%2BCUFg7PowdaRAGWw66XJCUrOWCGdmraNBvoa9OnEE0cDqmQcUaCrA0vCYkcjt%2FJ4MDDPUbROONqZq651Ke%2BuVOpOj8UCQCCazP%2BE3prI%2F%2BwjAKDq65MEUYNMgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b6a2edd5e3733-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 10A9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGC9.tbuxAadueQhNxrYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYv7ig5QEwAQ&v=APEucNXh0ah6GO63SrAx7bNHQYGlNtiziFY9ZiZG2xQvsh796QN3tZvQdnt2LbWD-5JAExtpS_h86yd5M3VTKJb3E-L8x2Zn0_WWl9tYRzw5o6y9wJPVF2uiCGPkyWvoKd4tjN-hZ-yzHKOkMsKVSPz2TLQWQKYkk95UeIfW5spVsf1nPKN7Blo
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BCL0fhQE6%2F4%2F9CJXiGK96vkB12w%2By1qwk4tiyLZfvs5ki73IOAFj1O741R7l0ktmsZiEYYT1pDOgCDwVPKbSilTXj2V%2F8u1JCHO6mmEHjEdpxd99SYLc%2Bd7%2BSEBsenm5FWJsMGFjdz%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
818b6a2f4e1f3733-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGW4-ECFdja-43cum8oDdw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 10A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELstxdsaV-Hyfr4Uhs1lgf8&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELstxdsaV-Hyfr4Uhs1lgf8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYv7ig5QEwAQ&v=APEucNXh0ah6GO63SrAx7bNHQYGlNtiziFY9ZiZG2xQvsh796QN3tZvQdnt2LbWD-5JAExtpS_h86yd5M3VTKJb3E-L8x2Zn0_WWl9tYRzw5o6y9wJPVF2uiCGPkyWvoKd4tjN-hZ-yzHKOkMsKVSPz2TLQWQKYkk95UeIfW5spVsf1nPKN7Blo
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
an-x-request-uuid
59751e2d-9ec1-4437-950f-7a24ec7efb70
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELstxdsaV-Hyfr4Uhs1lgf8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 10A9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYv7ig5QEwAQ&v=APEucNXh0ah6GO63SrAx7bNHQYGlNtiziFY9ZiZG2xQvsh796QN3tZvQdnt2LbWD-5JAExtpS_h86yd5M3VTKJb3E-L8x2Zn0_WWl9tYRzw5o6y9wJPVF2uiCGPkyWvoKd4tjN-hZ-yzHKOkMsKVSPz2TLQWQKYkk95UeIfW5spVsf1nPKN7Blo
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
an-x-request-uuid
345bc5fd-c685-4c44-84de-a051288d1bdc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx
x-proxy-origin
80.255.7.100; 80.255.7.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 072B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8754256985789&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 072B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8754256985789&version=m202309260101&ct=77&x=1&cor=10347433142770740000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 072B 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlOWYG3JFMqMX_6eZp4zOSy3CE-cPybY9HZAG7PjePDQDHS2q0DraRMJtCzdX1ebe_AsbSGP_SLCBdJj7bqgG2auhbyHUrw3JNgHPiB2DVPIBH4D5uNsyuDuJX-_pvlJEbbXNvyaOp1nlUK88p6HytaBXCmuwVijciWX96nHzn8Hxp9Bk&cry=1&dbm_d=AKAmf-B6apg1T68LFMjGz74KcxcO0dLBMrChfSUk1su5JdmfvfRAKh6mYrV5qlQTm789W4QxuZwuTSMU8Z0Hj5-UU55LPCTWr2171jXGhxqQecR9Fg1-95NAsbN0Zc9Z20Vgy58uOlSdvPhgqStTd9Y4RhIWFrVWlMwgkDqtBnvoMZXcQAECzo9KAJLvs2jy79uFZGdGzgUvrbAo49aEXtsIlkmRqPI4kvxgPDrR9L-DZcgK_g3qzP0OrZenICcIrlBUok76ZV64eaAdNemxbHxbbSP5Z4drjKlYxvFR9u7KMp7hFUV1SYjVueZrYDE55x8pYulOXHiwZEZsxco4ZhFWbv1Ix-JnhR_otLscsFbNOE_woMwpary19FC4gvK-WlvhDtLzk2f5QSWgFHzrsiiMARNANvQPmqY41Rr5gI8U3bVu-cZ7uwEEgNpW99qdDtsHWj_td2UREw4_-YoFGGgcUP4mDW64JDVRvjPeN5oFksV3HiFO_fYiYUqwizO7WTMt2_srAOI4DsTrm78WlNVtdg7HJBsFmQr5giMn11ZGsoqlFkehs0BOZV9TWxj9Qf0-5VcuXt1J56okn8e1cgzzwwcqvQTZOygRL5tvjprxpG2Q_Utzz4zcg3B1DH1r8dFE24i6wHzOjLybvmVPje1i4sF-VZ83eoZyE_Thu49GmtrB7gbXR8cxspNTwryRigFiTpzzF6SZ3Enz1Ip86puZtfhRv_99KM97bKe0JUjn1Hq9vMK5x9tNPODtM23QHKSPhWKrUv9eNCTyevNUU4LHRC8oSXZocKc1agX2rrzwwcNuololoaE_pHE2auj-K8FgrIHMnHzYvueIhx2saIR9QOMiRArYMf0gPSI8zuNeRR2THxHyDBWsq1HCqqqbn_s7dYpZ0dgfKAhFGLClixoq8MLE3nd2t_cGcCPAAgx2GTu4k_I_dY4gtz5YbKO8rtwtba5XqWM4OI5T5kmfhHy-glHxkVe1LR87NJYGzDotpKRUuxwvontG3jIBZGMXSyvw5ZnquLTwwsIBqW7w2RywXy5elA-kebSBBcIcUY313-VwiOSZNEc1MxmVt61DTvJN6BDygGTjbrN3wcD84RBwSFbiPB7SWIErKp1o2uZVz8zpmoCFBQox8asyKPKg6QIBNnGuUUdwHtGYGPuQSMS1YTHzivPdAywMxRm_J12GFtafgRl8DNqOND8-s3GQuxQcD10ng3n3SoU74_WH6kYG_Nsj0YwaaOF8e_L0E739aQq4cNvaTeTXlN8kCN5z0dhv9AZsyp1nVFLa920JVFpZsnEZ-K_2iLKgskJKXHmzqsEGnNJkySl3psjR4MX2KqUcNgLvH8ZrX9UqOpyeFKA5MgCgRjvWoCLNI0V5jNzLX1Vo_jNcwehiVcb9jIB0dOhErgS8sdNzHC7eDD0VE50FoyGLhiGtAbj9gb8O3wLX0v8ZiJfaEyeo2nGsYWdzwYpzAt7nIKeUqMO52_Y-41fi9NM-aW6QgvkO3tiP2QOcqPs1th9wljp2ddxzoPOLK_jQqEh6HV6Iv8dwux5cLJbrjeeHcFlpOaB_TQp95eqe1SvaEmGD33GjRYdU4ujvNCWy-8Fd71tFVRMx-qaQeLS-FtErmhSvMw-mvDYyz_GcJD5_Eq0Xw2CNZ2SJATn3L8ZimDlDKtNg7uGnzMSOtzKfrHWnYhyBuSrXARkAOhULRBZ7-ey1qPBHarV_UyzBrZx0BV4HkzVbf0h7yeZhnLIRGJU1ZQ8E6L6DuWZrxJp3xkrE6SHoCO5_JHrb3jPqnMpdAT_r9Kw3opLzOgzWmhohPbXCIp6i0lVgSoSYILMKRLSCq0suhwzUM1ued8zEdpOv-AQHeoVtqO39CVvYUub5LkE4wbhQ4WXcEXyle7Qgz704xzUDcyQOZFYdL2CKgpgvW2qRw1QQ3layZiJhM1RGCKfd0Ncx7U9A6eUanJZZbQHpUUpSPdyne7Vq1greUmiXSaFnutIzrtDX4FboIZTeaUV5fw-DEYsPcZvV0aJdjdkWO3keVOUQJeHVsTCJabd4zMBy4JurjQX4eQ99n1j1c5f3Nua4Rj0PtkaEteL4tAbMATthwsjHxn-ZYZDbMLoqkDYc0gh_2Ktk84sM3B_-ti2s7KoZeltjAFv-aqtsn5C2_RERQBx5YUht9QDLnQOvGZ56BOohFLEiPfNauP4Dmtsi1kzGn_8vZnr2H1ziABuFxwqc3snwq92ELy-Vvz-uXN8TiqSbX-XW3jxY3uMQ1luXKRyXSsl0Ne4P03Vw-I8I9WTd6tofVSliDH3L_cRpWnr7TV8wVotOY_LKV7c16ccuYF9vJv0W0O6te9dh2uemCr3IIDjegQy_-THRF3ql4T6-ZrkDTz-hEiRHwUanwNfN5bOhXSLQjwm7w0CbjJrMKAALwguO8gV45aPFptSytuU4BVdfCLUoPDIuIZOFzBgt4IbTNB4nBULpkn-y-1iu87VpW1YKb7WbqdQ7BzPqvuQzS_C3jiboxfpk7_0e7HbGCRxTkFQ6pj-G880LnkuhidqkEmx9fJ4niUv8jBkRxooDJXMPnfitXAv0vDAe9_EREdRTVz8FqNq3Yf0LbV4Ub6uBrbyvqHAAKWl9Q-VstjVqjTEeSnpqdaYzV8HvajNM7lqWR6rxRAGwf7OBmmHMxaIK-xpt6Fyvu187_BIBQBJrZMz4ZT2rfWR64v1afoB9LQ3Nw05UMpmoDHR1CYdK-UbjrwvUlXtDWQzYYLJT7O9HA0_R3Nj7Mkf-mUz59dsSdLU3QbmHMn2M4EvleiyVsQ_qz77SJlcnMAX4A46qWYs9cjULmdYFq3_uDeJhAdecWiHY7FQsiCOfeJO7Cfl-xGRB01yP-s5xB2i-SCMxOOEcpfbSKwpt6iWftaZuN7KfeKOCzjVOfIjuLbPcbgxh23g-IYy6v_iPREscEEpokA1FamBu8EDvZDicMUSCiuTN_726tZDGTAvyLuEFOtws-Y-8w276dabRISboU1SFQgO05j3KeB5HtfJ-r9D6PkEXqGOWy4mhUIYSMSbYGlchH1J0VLr31tQxjrN0T29CKKW_RJsWC1rB7XiTK0IqE-E9sqRFuxLTeiKgvJiD2LrLQafZm78G1h7phEXNt_icdsBJ33c6ntaZXbhS3gkexDTx4cs81_MZ1RFx7b_nfPlNAWhUqR4G4Bq9gzPlbBvPfS7-09QgZZHBf8arc4srkIXKV1vRcxl71eOkKfiWZXaZyfU1sE3WpzoICj7esaJKQMlmnm18Wdncw85YhITJ2yJdY1-sK86bnXTZoECRuXSEOunNtvJ-9lDukx3ReQek5-TmeJTeZLp6L7CN6fpf4vp5J8K8_5muhpQIhQf6FGBG9UC3cL3towsG4nmXRv4RsFodAlHMbyx4DykML3P3FuiowTsOSfGorBvPSXQgNZobsBfUwhe22sMGvtPA7JbCMm31rAqfDJ59U9QbDBoQC6pKUsIy0WLuCVyI8UV19LcMicX4cl34ymj9UbakN-v28ResrbIyP-wI4qElDCpGamQlWbJipQqtwDS87I9V4XKsjNoD-3Ku6j04vlwhRaZ3XkRRHz72AUskoIyZsKLQdFZ1GtnU621cWdsFNGiF3hKUmO5JaPN0QzFKHTUOmYUV3rLRy5cQ0gVwi_6n3l2aB9nWG-mHAoEjlX2JQ98ZNFtc6R8MHDPL4CyRguHTI02bg0tk4oasJjCaJ4ox1SVC7kOyENOmnklBkJbpazrel5cA-TPyA-hYplPgoHgA299zsQ_yHN7gJAufUDWcCv2Lz3FfeL-uzzhaNLs_sFqqXBROad24ixD8FScq769SMS1PqyNTWIksglE3g9Xt_AxwlVR7jGfzHMiA0wjDchW2ieQEeem9GouPlh7xTx2NfXvP0lOf9hWoV06B482R9IlFlZn0kIk7LCQECpIa5_wf6KnA5iC7xR0ziaQDwHF7fvNaDyvWbyuKB5xZdKAsp1wQk2qFI6uEeVCdNOQnzIgH4ytkIb7cP00bDgqFUCXgHWkol-bk-4EPUmvKs_lStw1cTHlhs0tFfmjVXPNjw9mLuMhQNM-uC-s&cid=CAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br&ds=l&xdt=1&iif=1&cor=10347433142770740000&adk=3730726249&idt=363&cac=0&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0cab1ed40a7aa1e4a62f2ae1300e4c91a2f9ec82484b075a503fa9618cd469d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12190
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AE7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5960427307044&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AE7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5960427307044&version=m202309260101&ct=77&x=1&cor=13354954951250930000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1AE7 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnKX3jiPc7wWPfs6EX2Iyq6SHfWH0dIhYknbBFfaUqovhkedFrvBvrWJ-lhf78tDvC0CBYfxu6JYKkYC0DKeJ7lZUBZIMynG8H40IC3NMHtJFQqhJ6q-eUlb-jOfBHYK3ytqdLwhr0nb0t1cLuziPS13BrjZ45fn_LNHxxPSkBMbnZVBA&cry=1&dbm_d=AKAmf-Altn36UyQFPuL7sHp-oS3sToxM4dIBTyNPz_z8RHnf9rEzbp-C2VorEIWvW0HAum4UPMqWvRb1B66KrrpznXMNKYInxQMxTxtK-ftx9FuixjSFFS__f8xDWtf0K-iaVq9KD7TA3G87eWPA5T31pmLoiG1jActGGKZnOc_pFZHDbnRJi2OWpJS4xJBweji-cSpqyBm0F9bTOtQjBRH4Y5r6bV1gk2T3NUUqVXiy9VUAQp6S1h99-k9HGdCL3wneRmv6l6XX6HY8LHc6sw-J4k76cQNr0vZjVVxIfOy9sjwiFESZ8m0nNf2VCrd4FRWjnSl-gk4SV9EXyTOi9FxL3GaeLNvqZofLeMxxhSBTji_el15NRsd_OvuYK3_eJjzwRK1Au7rN56NCw37yV4qZnDf-DgAvObD2YvcCep693Zv0gTHlQKuMs1i5L7DZ0L101JvqpRnk_iLajmkAEDb7c0TO8Zwi222RydHVaDa2KVqTHyZR_j8OS-0Zr39WPFBpOEORVOZfB_d-5QFTDM0iPhrgInHWibbrOR_kqWUIwFzPZkadXookIK_9uiqa0Kba3x7Q05HiKOPRTja_b34_yo7EAZ4QtouesZe07s-AAhCVRxWkV6JR1eO_eeOHKs3PNFTu5V1E6ugEswxmVZoocNOaaNBL9jy-nZrDwM_fL-UX8WQ7K5oZPW5QkOr--nOGXw7wytQcqS184OtlKVuwenBuR1cqEEhmPDWa3brK38GgQab01F9oZDkbG2fxB7sB453A-HUKLsv8-kJ75e5J3VSsHdxk5EQiOlaPIGG8mRQC4-InEBTbRsnze8OO2aK3iMdW2JomEVDXOJyH_bMb_uWIOQiFWiPeQJ9vcul2881YXR9JOjQhm-km1SGq8-qWsSU8t0qYbrlTCGYSlDrj5OHUOmDS1nrH31fqPObQv2bKMagW9Z_MaphKsC2LyRTS9ke3w1mMcpIdxFzlpf98zZyD6ws0G46vcj7BzM6P9ah7i4dhid6hz4759x7IBTQKxHu5ai8EH8AUq6nbNGN3qGnKtPn65OuFlWlvrD05OCz2wAe8kzYMIaRvTKY4f8ljIfO66E3WMcaE4N1j1UhBHu24qnFwaTyNxGa0qk5pSpb5o2x_FIz1NJViCkfh6BPhqykrQDubZ-onSv-vk5Ii4gmVfdk7feYzDKxj7c6y3dIDeRXx9DU6edisA8518yYrioIhbRylR3XiTtQLwT80JYV-WKas99YGxu992b_5xAC0wV6AYhKUp_jsf_VWwHIpQJFz6NrsJ86mUW9KGzgggpwR_QX4znP96zSudL529n1ttnLrbamaCXJICGqZWZEEVw4h-fyvePc9wLOGz9l-ye-ovdhioI-Fn_M5LtWSRVABCO7we6YFMOVerY6q0oeXcHsx0d3KaHMHV89nztRzcJqeMGSNGmiRQmuGwiAfYLtMx1RMFFKY70-hl202gtowb1yi5SfwkitDByVaaeBqdN2nRyWJt6nyCVjj-YY3Hn06Mog72wA5qrC-PpMAM5-WVtdevVpg2V59bTfU0fxcQgO2FO669NK6L2eBSMvbslf8ql6ScYCNITadPr3qWefb8oBvr-WJIqkWRk7Ll5XowwiqAYsgPhgy_d9PgDma_0l4IBWeoqLjoQ3BnXIPjk3ByPXjVh4_mQzKzDPFAN2W_Qgx4KQjoH_6ZxOzq6UACjNzfyaiGPPBhFL_wTabVgFj6QI_9idbTyrxN42nT7t_y0csDpNza2WaGESd7gzdQnRPkbCItmrCxEG7GAFdiv4y60T7P8GI063PqrhszmmWOXtetm4wKpondAd5EKNkS__68JrHW1Win0WGDIrI7u6uwvDO5tdyjytzzGkeRLVWaI-fXr2YQP6LTtOqVlAgCTmDwTrgZSa-7FHJNPmnvq7sHkex_xq_tp-xGa9Oro2oKY6yem3-wPBZyk8OeYowozkdJVBG4A1LoRRtxdaibujH_u29sT1GApXt0G2e2IAgnn9R0-UMyE7ocBuz6eIfFis_PDV88oTdVElZfQ8VK6sVF6p8LH8n7qPS-gulGmvDsx6M23lbMYGwdszjzTaVk6QkM1wKjGmf4ch-eBFOOo7Z42x64YZiwxYpBJt12TIXDk7YzopSLjD8GpbnVkpgPSL8mWQWrpXbz1vs_3SN1FrUxIJ-XCvqqu_Bx7hBwjSOlaQxlFwua1vbjfaib-VxmEpUwGfRn50k9MKxqokdgHIsASp_A61NH90LdUiPqrnRrq_DPybrBDlUGqVvjTWMmqtd-Wg1-_s04PGyLDKcYls6dVfjJmFnKOhQK1jG04CYs4k-pK8BE33zrpqHG4TJ0HmUKgLqTkH2YZG5VlhSSkZC7B6AmFrwEPyevpOsnXpb14Lt4XJrfMh46sUwgLxz4wKzF0qvh0DFjDI1Yb3kyplUYYahDECvhW0CKhCVxjInPDuj_S7iAqjaHA5gibiROUAWZXLF-ORzh4AZE1p2POPCusyGWR5Qi_pEy8bz7_GKfD7OYaRhMkAwQEd_7fgyW5fgMAw0piup-F6BSmS428BeRZwAN65WiTQGHe74WI0SRc0t4C-vqjoYkr8NaUbouX1tmCedZt8E4x8Wry7QBxIxbUuc8AWb5iHCTxv9PZ33sGAIt76W3uRbUwstGVHRsCgL7ia477kpU6YYzcmXsRRWdnhSLhLnH58-y1X6Zi77TFsdO9MGyuWXlFWNPjz6mynpktB30Uitom5rM98bHJQ4g8W6tZt1aa2S92UsH8drsHs_aPgBdcxr_KqO3Ei5gxFuNwQtQra-kyqP8En7vVaVCFiXVGTs5avGtkUikjA2THDVnifYR5O_XKL3DUQlhiQxcArL-6ZXgFk40MxcRLSXxD7VYZO_u9ReSfYI9EQZ_fACv1WELkaJCPN-Wb-s_3TyLrAPbTn8ajeOH47bD9k0HCFJ5Dr3-HboS6HQEdDHf9U7-gXDFde97V3kITJOBSo5qh9oqnsO_d3aQHhIqifwlemH70j7czvtztPEcc4oPKfg1YmI5fky85etuevtNFG16fg-2JFrmr60YPj08MDhUrCapaXqb8T6GKfNK8-xL2TOMG1cXCAyqOQiqUooIQigi3xmSHBsVRA6uWHNxSugkfBzk_Wgrdq2rDRfMBFM4xQANO5MjxxrWBJ-xvQY400PFqBazI35X8QcyDpRFt7qB5QlFK9I-dcyvepx9oXaTyQBVMwCsXuXpIWha1VVy03rBrG-TYcxwIJCUxiz28_nhOHMfe_lkU7nIaMY14xK_ccr-7LmiQvxhVp0RWfRR7vpoE0oFH4RVC3Qrsrl1ll9a4rrixwd3HwdG_kERa9Il1eLJKxH2k8TqQRPBwhArWPRTQFYsWu6EZON3kaZCFGJHpUYzYUOQ_J1O-hvMs3oyJ4TVAk6awyVY2QRKCppIlWiWPtPmOFZsIBwPgoGthv8k4IHcu154_NOeFSpDcgAGaJk0HhAZTo12JBTBYRsmbfLBA3oXkeFL0qnKrH1K_rFMLp56EmWV_Qdoj5zcp78xw_7R37qR8FFP0y__L3jKUA_ccWTtnKBgNvjZkhfnrpVrOmrgFyFvDKDIS7_q9v04c4nUGzE3ccVbg68EgH6JuEG8HtbKvP1MCF19tYc4STpif2ArUW4MJGFzK5eAz6ABMkCuPzZEiNUYvLDgUCoSThYPsCJxhu40a3FO5P005I2T8BVab9DfBX9gZxodCtu194PVvFo8sRSGYLzykpDCFWSByqmgFH748W6PoEoQejCEBRbJUZxFqlzgPYWQ0q8ekWVBuDiH93DYTy7xP5Zmt_TcTwW7Uusj7LLlz245Fm6-HtnHOZ3gRnjWaxprfA2T-8fabSSfgE0n31Bq3DvIYiOhBehv47msA1l8xYDbczbsKpu7n4V8Ri5BiJqJPUjkqJhhnAO70xPc20i3l4bhMkllE-7G4aXheegBZPTXXhgDWG72HD1eDaya0pZh7RlU2x7HdcRVF2US0yvOUZa5zXd6WGAlJQKT4nhBwh4OPiyBQ1bFFXLNVwBUfgolpG-X5SGSh7ngVwFe-QsC10JWzWx-ysInZA&cid=CAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br&ds=l&xdt=1&iif=1&cor=13354954951250930000&adk=754613069&idt=333&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a69a0de1e4d06186c6e072cc966d565d067726886ba29b5adb64e5cd2923f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 484A 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ1XX2-I5VfsmDutkJ_kK9I&google_cver=1&google_push=AXcoOmRmPR2zafBhEIeovcfmGQ7gFf1U_ydaDu5k5znnxWgdX1c0GBwkNoTSRBfqPeOB2RoC79RdorEpFh56Olhv19KhaOHJ1IHC
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 484A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGo4LroMJnfLHa7Mlfmklbs&google_cver=1&google_push=AXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGo4LroMJnfLHa7Mlfmklbs&google_cver=1&google_push=AXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRi...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGo4LroMJnfLHa7Mlfmklbs&google_cver=1&google_push=AXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
818b6a30fa929b5d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
37
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGo4LroMJnfLHa7Mlfmklbs&google_cver=1&google_push=AXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSspM5mgNIU4LrhqTCjrRad_9ad8l760n9tTNShPDPG5elwNlwHhl2PN-WtqyplLYx1b1zqNw9BL8gDScPzPCZwrMhRSRiX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
818b6a2f889c9b5d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 484A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBWaQ9T1PvwrOgQjySEj1Pc&google_cver=1&google_push=AXcoOmTm1BiwH05XRttXRHMCvhCBPk1p77kU5guF-U8hTG6MmhqGSHWAtzNvubrdZ5h17GV3HS26UmxIEkzbyJVkhyRJ0VBSBB8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1846C4AB97E04A07B56B848F7E514A07&google_push=AXcoOmTm1BiwH05XRttXRHMCvhCBPk1p77kU5guF-U8hTG6MmhqGSHWAtzNvubrdZ5h17GV3HS26UmxIEkzbyJV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1846C4AB97E04A07B56B848F7E514A07&google_push=AXcoOmTm1BiwH05XRttXRHMCvhCBPk1p77kU5guF-U8hTG6MmhqGSHWAtzNvubrdZ5h17GV3HS26UmxIEkzbyJVkhyRJ0VBSBB8
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Oct 2023 19:26:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1846C4AB97E04A07B56B848F7E514A07&google_push=AXcoOmTm1BiwH05XRttXRHMCvhCBPk1p77kU5guF-U8hTG6MmhqGSHWAtzNvubrdZ5h17GV3HS26UmxIEkzbyJVkhyRJ0VBSBB8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 19:26:48 GMT
google
match.adsrvr.org/track/cmf/ Frame 484A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELJkKNeQytTK8E-9AESdUGI&google_cver=1&google_push=AXcoOmTP6KwKkldHP1Yc2Fny19R_VZvuj3RNk_4jpxEa5NMbVvrhN_jJVFdH4q47F1w8qQfGN7ANbKOgQAy6kDcrfZS2pCzp7p7x
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
adx
pr-bh.ybp.yahoo.com/sync/ Frame 484A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4-HrFmHkqWYobEPkCj0_I&google_cver=1&google_push=AXcoOmSxaxmSU2Wo0GFweQ8SjD0mgBfEFDxQfjqOSasya475M4Ogtp93s9DJBGXsUxQoipbxlSYr-npYyWvXwsY2SCZRS4o...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSxaxmSU2Wo0GFweQ8SjD0mgBfEFDxQfjqOSasya475M4Ogtp93s9DJBGXsUxQoipbxlSYr-npYyWvXwsY2SCZRS4oAsG0&google_hm=eS1uUmxDSDR4RTJwR1lFa2J...
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a05:d018:d29:3601:96fd:90c6:753f:380d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 484A 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRpNG_7oiles3Sl_ZICSju5RoEONOnkAJQsMWzcyOUyXvrt24MOI1YGmXWLpQVt2dEnO7Q-QRpXboEA90ytyQ6hzqsb1ms&google_gid=CAESEBfsLUy0uq6PhfmDtSrbWEU&google_cver=1
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
197599
expires
Thu, 19 Oct 2023 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 484A
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=e2beeff2-ab74-4168-ba4a-a671e2740fb7&google_cver=1&google_gid=CAESEIgWxFo2ffUWgk2gwYtCAv4&gdpr_consent=${GDPR_CONSENT_109}&google_...
  • https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 08:05:11 GMT
x-content-type-options
nosniff
age
40897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Oct 2023 08:05:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 484A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-pFUggw3y_Db9Hm2Sscz7I_nePLUtq7J0DYlYa8zHR50nFheQqh-3KVFr3_DtGzWw6JTX_A
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 93F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUUQI0gNt5Q0cO1rmKMq8uw6aGfveMx8TZtesvggdZefR7p8IG34VrdsminXB37Qc3Uvu5XdIXCXtJjNX5SdhjPeK6jkZTssrZCRW2f9fZ6ayE7kyh756GveDWsgTtpRJeAmF3uHckF_A1dqyA0YnOT5yQrWNmxns25eY5hAND8x3-gxiU
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 93F8 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUUQI0gNt5Q0cO1rmKMq8uw6aGfveMx8TZtesvggdZefR7p8IG34VrdsminXB37Qc3Uvu5XdIXCXtJjNX5SdhjPeK6jkZTssrZCRW2f9fZ6ayE7kyh756GveDWsgTtpRJeAmF3uHckF_A1dqyA0YnOT5yQrWNmxns25eY5hAND8x3-gxiU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 93F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUUQI0gNt5Q0cO1rmKMq8uw6aGfveMx8TZtesvggdZefR7p8IG34VrdsminXB37Qc3Uvu5XdIXCXtJjNX5SdhjPeK6jkZTssrZCRW2f9fZ6ayE7kyh756GveDWsgTtpRJeAmF3uHckF_A1dqyA0YnOT5yQrWNmxns25eY5hAND8x3-gxiU
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:48 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 93F8 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUUQI0gNt5Q0cO1rmKMq8uw6aGfveMx8TZtesvggdZefR7p8IG34VrdsminXB37Qc3Uvu5XdIXCXtJjNX5SdhjPeK6jkZTssrZCRW2f9fZ6ayE7kyh756GveDWsgTtpRJeAmF3uHckF_A1dqyA0YnOT5yQrWNmxns25eY5hAND8x3-gxiU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:48 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame E4F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUlvzEC6m9rKtCWbP_1laQxNE5Wtxe5rBQPhEIRhs9KY4z0NFNKi8V3ByjKn_EcsIznaSuxw16tR95lbzUOVBBoe8CBYOsc85lQ-AKJJ8k-Esdjor_1FckqMmgHuREzWCtgKqvMe8tEWxYSSL18-xqtK-nrgTbROVGbEtAW8-L9g1Fh9ms
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame E4F9 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUlvzEC6m9rKtCWbP_1laQxNE5Wtxe5rBQPhEIRhs9KY4z0NFNKi8V3ByjKn_EcsIznaSuxw16tR95lbzUOVBBoe8CBYOsc85lQ-AKJJ8k-Esdjor_1FckqMmgHuREzWCtgKqvMe8tEWxYSSL18-xqtK-nrgTbROVGbEtAW8-L9g1Fh9ms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame E4F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUlvzEC6m9rKtCWbP_1laQxNE5Wtxe5rBQPhEIRhs9KY4z0NFNKi8V3ByjKn_EcsIznaSuxw16tR95lbzUOVBBoe8CBYOsc85lQ-AKJJ8k-Esdjor_1FckqMmgHuREzWCtgKqvMe8tEWxYSSL18-xqtK-nrgTbROVGbEtAW8-L9g1Fh9ms
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:48 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E4F9 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUlvzEC6m9rKtCWbP_1laQxNE5Wtxe5rBQPhEIRhs9KY4z0NFNKi8V3ByjKn_EcsIznaSuxw16tR95lbzUOVBBoe8CBYOsc85lQ-AKJJ8k-Esdjor_1FckqMmgHuREzWCtgKqvMe8tEWxYSSL18-xqtK-nrgTbROVGbEtAW8-L9g1Fh9ms
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:48 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4EBA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5Tls8zhtqPBCqddpX07Qx69VALnowelQ5k2gKJo5uXUu5yiF1Qe7f7h_FbuhUeqkbt0jwEBDbAUNz4TAnAR2y6qDCLvpyKcY0CtjoQ6E2BFaF9el5abCaO2SRSjgiBNGpYLC-9nVYTK9Ys2CmIOCaXaOMbc6_xD8sZeFinezuUZ9WhEQ&cry=1&dbm_d=AKAmf-A2gTQNjn-LorJDzxj4AX8wDljjzYbzKv3mXkzn5EpummVsd7BdOJQtFe6g57kdQEibOsmAUqfjjj3_Dc2Wq7KymOGGOlKzz-X_vU0Yj3WwexDqRiDcFIX-pa5bdeerTahqKEB5NSWRFh5HNEX1XbPTmonNS4bs2TXeWXsChAktIv6D_Xya_lp7nTK9QZ86kRT9PT2XgGGlUMih6YJbrB-n61x2-rRa4llzA-ZMreqw1DgQ0Lgfjao9zgbwrYAKaL_Qmdl_TzQkCMhOb8zdB1HZb8y7z0w6EuKZaTQOkAaVBIDx5Dzu4uIw5nJkw0ML-OQALCKlJN9dZ8f6cw3ywQdY5_msWNlTcYvT5qM4Ab08qxVKeStizDTHHbWewjRiy0AEXIZjkvTNFGJg8Wak2Sez6STx4BpgpdxuZi87cAWf_EGCSrqI3m7Skjg-2cYY01ZL9_QH1298QuJxUdy2DTKOgMADhAJHyJ7sHdZMJ9bHr2hOhFXaJQKppFxiUfDb21f-ef8Njgf7pHkbkfmXRkhBfZbjdzp-zSeOXhz03xmfu_SN2lpjY99vbauNdMjYJqJQMmeG0xdX7aujpfXFcqCKM9q3ytz6_tHEy94zYwJ6QwxzyAj7S03M05mGe0PY372YAYGR6XTmdZ7fH2yNkHY2XQRo6GxwF2UHJHqXhjF5daN_7OTW8N9-YkoTnViWwhNshESdX1PDsqVVTkFtusRkQ3JbqOh2caYBqV6rGrE6dM-Vodmrc-y1VFsXIj6n4hPjz22xBrhyAsjs4hbRQrTvnKKB0Il58J-oU6k2Hm16lwxUerZ1y1zvybJs6DpNaJlECWn-zvSJbUlqT7licjXdKTTEX1T7vJVWvatfSut-E8g-rq5Rpzcaiw_954r7KaVjOv09yrGUZ7JqDEevn_LlZV4lNXoGszzvACrdefPKzCkgYn7pWscQpEViHF9PgIh-IjlUv8pjuIkaCXUjousUaqJ_PVloOkSBsTkqzdhq06mtHTaYi9eMi9vHPgR_aMuNDSm1F0YvkWWeI83mVE2hhn412wC5VrcyjYyl8YiBLxLFUdQnJ2hHIPQVMKnlaUybDLNIIvXML27tKgMoNqVQQYj_Dee5bfDRvywjrTBDVAi3oB388hLn-BWeHFo4rJe0hRGBnRLmS41fN3UUDay1TFFNLe41Dn4gGI7qXe4IHOUvXaFchnXhw4Fqp6aTnO-gDpFd6S8D3fEIEEp8keMKQe-dbJswDv6WobgQGFjNPGaA8B2ERXGfY6U67yZno7WuBwGjkre7oDW4mKUAnKuBdIeEwWI46MZfwgN44fFZMtYVSfQ80o8geYzX0UyRsjQ8nkQ2aWC6ZmamrqTNi3xXJPd2hT0p0NwcjnH_sZSA2LZRX3f1wMboIpi5-GeyBbtqhMOrBKtt_d7i_9yKr_72YCklXYrnr_KnPEcrRQiS5-xu1fdpKOfF0bx3vT8LMXkEc2ELA7KG7JiRYgz48I8lqgE0y_CRf7qYieTFcuobF8-sGrqcuBnMFWBgXxKMxpAnpuzWAkBdhWZ32AGah4S2fGhoo7-WCIq_sgv91-fWotPiaUBmCOKUT6K1fnfmBPD60z89Sj7DDwPWpmje0kw1qA49Emu5VZZ57eg9ag22cqK7jxn1dQWw_MaM9qW2AsAWMEMmTqVLvAfnocZTRkQQI6FdPwBsgdY3cmcwGsxv74wJ8xQrefcNtZcx_FeMGeCWVNrvJPj2Ix03ZmEEqhwrNtjTD6-Log9ibajWfdP44i9GktVD8W0Vp2quar9_gYE-OyF6gIGjxw4IvwuuunuyVm25EewiL-xI3nD0H7Bq5WWO5S_N6Ga7yG-3jDe0wV_HjmB9hHtizNbswL_HkM3aXKvaUCYNoSUo6pCW_Qw7ICLxk4B7dGnimaO-0omPT6ArlIZzLLrvEbZWWjoJolbWHkT0l8m8saE53D3YiNK1z7EgzbDD6LcUIo5I8_7sjNc6YQdbzvXoQ8bgMvIwpXsn9seXZA_ltgmKRgIMl33OC-Gr2MVYD6U9SeNpvD8EB7kLbJkGc0nhlvaBpc05gy2ntqcPKJBLo3k8Tm55ZGp7LvSu1PsBwK3wK88iTuVovElNDhWjUXxgHUdrG5mrmZ5itRoOEasRmIn-hGBH5VCRyY5b8w4_Pj5qA6LRKn9Ya5rWl2gcN9gFl-Q3kK7EHt2Cn0O1cLL_OektXJwlZdSkjS77F-guls8t6q35F9yOZ7ShZTVORp3qPSwiiMshOTY-bF0maCsmMzPThbHt4Yo8R3P8htFM3k1jH9DddQfsex1zogMLEi4vjKRaSj7YwRybi2drAeRR_HcHtid2apWgh_VMmDz-H66-5WJrWsamWdwb9vxN_PNa7lduuVv21aXN-XqQDt84H85V8DuS1nlVNrmrLnnNVFK52G_ys7VHkx5077i-ciKcDkgMTDwMg2kwFwsGOomU-jX_e7LxUYeHE2rs_P6XBmudALXGVGN9ZQ_KM59u3mQ2wIOBqrg5ja984sIzLPGrVWs0YzspZdwgl2xmjEptdTz0ZRnSoW3FPzpyaVe09g7Ydtkd99D4JpRFKGNHZ7vVxpfdMcGf9RtAOuonjwS7H5jHobs8zFFnHm0jKmn60BUfooCj75QbXJUotHuuv52Xar0SLOmQafVyhXYLRT24HblsgfNDKp69puyDlHkmv7nxC8TGGlLwtIxICq83gtVrYYmc12bKakf99XAK6dViSLRSuRt4CQeyEY5eCMfguQTxtgq-tbsWwINAE_opKzcljc9Nou9ngp7pw_QeHM1N7PF_FQlGLSYKuKJP_j_t6AR1l9wyXscQrHb0lvJaOwRzmKaFchCRe8JobrzZAc6QCywtrmNjKO98QIXqp4HuneOn4EB9jAlB6-0qiONWDSxljH8TwV8s7fmNRjSVQy1BYaXX9jCexNn6dCQZ7py7nsmxXiavSvWpoCZj-eiw9y-0SQoMoIiG-_zFmqK8SLc04n_7WJaqy-b1xqpROQvmzWxQtJuXGXRzS00Uda7zLoTqOMlU0q3RnxINjT_v4aFtXf-SybdUsiOhMG7JghxbFCRzHy37bKGG42K7DnFh1usVimkWSxjiFQEzEVSiTm3tMYKVI0YRFavyrbsefvm3Ja1WcmbSucFl16_gt7NyY-ToGSwJjK4J-C99WzIQpyxmKUaODwXdV91u78491rB4PMsSkjLeCezOXRBankL7CSR7O_-Nycs-bLuv3Qxiv9871wrSMW2KiWXWV_FcopCtAJyir_B-fLsH48NBR-TuYjzLGAOYnK2RUUH684ReoxOViRLQA5QcTfpEo1anlmE4evwcQKYpJnL5SJn6FuZwMptF-4mTVuYfbZsWm-_Scy2rPRp1APmIf9Z-0285LscpUP3lmBce9tDHv8aLZ_eRJFYA077nl09K00KDGytIN8ngcktFUTlIw1eY12nojbFitp3-FBJg2NaT-Zr3XUTFwgzYLKR5MBLuNHNX2mYw0yfrUCxt8QCM66iiopcjBmdB-OCTryuSbOPAsAu9yOZ0cWri9COHZ8mggcLEfvXA1JJrAQFqMnj24Vww64ICD1yLYbWNyrYuTmfsFLJW7gpg5XbUPbeL2ZJX-2dvysWBZYgGwzgcRlAa8qptyIEOBbeIBIhwngqK9fgzonk8azpiL_TJyJ4EPShXmqc3367UecYgBpHxYEf9phFW3I11T2fdUs-vYrc6PN_VJ0sEoCqxcSYGQj99wfpqg4JTZ13ng7xqFdDXuOwhZdCDQ-r7ksiCxONThszFZXbasVNOPcmcZYrQmbzfeaxOo8DJzTsjDhvXXWU4zJYrHO3WAjKacCw_4OZaf4Ecd_fp90m20_Bwd_B2BsBqTkHLsOFEgEGoCo9rNdF8N-E1jm4QJIn0BTGnE5wlfcqokjwnkzZ6L3BqpyN3O7McFDNtQGNUEv05wB6v-jKjKdBJgOh90UdSHE_DnU1QblUvS293Ehbqs51X5cNT85wnnkBP2OVO3Bp4v3gOWa59q24N9WqCHWKrMX_r0pKnIhStGGU5A18vtrP0koaPe-Gi4SKmo2vPXYmkJ6w&cid=CAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br&ds=l&xdt=1&iif=1&cor=1134656253646209900&adk=3676778483&idt=225&cac=0&dtd=41
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
sd
us-u.openx.net/w/1.0/ Frame 4668
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXZXa54ZKmmeavqBq5Vz6LHZaFRGS9jbhqbjyTH-oJgkarHUVdquqX7eQqQbaZg6cFq3l6frCwGs5qjRFG5kii5T1ZnN02wdlaHRANXKwtpQjlduX9YG-dsMbOOxeiCHRmBEqQckLZLx7fxO93fYmCfh80ATLsoSlcucBvNFcAri58h6g0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENJu8PxmancgKGzQQEtaOXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 4668 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXZXa54ZKmmeavqBq5Vz6LHZaFRGS9jbhqbjyTH-oJgkarHUVdquqX7eQqQbaZg6cFq3l6frCwGs5qjRFG5kii5T1ZnN02wdlaHRANXKwtpQjlduX9YG-dsMbOOxeiCHRmBEqQckLZLx7fxO93fYmCfh80ATLsoSlcucBvNFcAri58h6g0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 4668
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXZXa54ZKmmeavqBq5Vz6LHZaFRGS9jbhqbjyTH-oJgkarHUVdquqX7eQqQbaZg6cFq3l6frCwGs5qjRFG5kii5T1ZnN02wdlaHRANXKwtpQjlduX9YG-dsMbOOxeiCHRmBEqQckLZLx7fxO93fYmCfh80ATLsoSlcucBvNFcAri58h6g0
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:48 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFYn2Ly2OFBHV8KvPCCgAf4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4668 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXZXa54ZKmmeavqBq5Vz6LHZaFRGS9jbhqbjyTH-oJgkarHUVdquqX7eQqQbaZg6cFq3l6frCwGs5qjRFG5kii5T1ZnN02wdlaHRANXKwtpQjlduX9YG-dsMbOOxeiCHRmBEqQckLZLx7fxO93fYmCfh80ATLsoSlcucBvNFcAri58h6g0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 19:26:48 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 148E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpbcS6UZ2WsNlUXcFb6Pjw&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 148E 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 148E 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNXjQvkVOdiNDni7XYPGNCofYhIJLz-cizFs6b-QevhqPiifLiPPnfCVdpqD9me3LyPuIuTZGyCptQrB4krIFdWNfejsZMbty2ZayDsybhHtjg5liqqztjQ17B4pO5rLb5dgDThDeR--hu82aVpMDyLm2zYbLFtL5deAa64NmNRcentXkyg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame BC4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2381066866032716&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 057A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310160101&jk=3152756793657750&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4C9A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 14:08:21 GMT
expires
Fri, 18 Oct 2024 14:08:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 98B9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f72886187d4ab147378765482f1e450b254c783cd69690fd9dcb5f9509732986

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
vjdy8w6hewcq
hal9000.redintelligence.net/zone/ Frame 4EBA 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1697743607102017&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
86490ad3f5c6f49a6bfeda2aaca3a92a04951554df5c7b83c3d40392671aa39c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4274
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
index.html
s0.2mdn.net/sadbundle/17616696938690754490/ Frame C708 		20 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c5f600911e22b2402bab0da52dcb1f43bb309c9219b411cfda90e45ba994d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4443
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 18:36:20 GMT
expires
Fri, 18 Oct 2024 18:36:20 GMT
last-modified
Wed, 29 Mar 2023 14:42:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 98B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0at-FuAbViH75SXCt6KhDFxpo3xX1gZNBbX2a4QKJ-TJJev1sD1ubvvOVAiT8UZ-8IGs_r7B5Ga0IQg6y_m_CYS1Du4Va0blBHWRH4RtsX2KOnDeVnONFYByoc5yw9JF1SzJr05DSn-3X0iKBQAnq_3Ab3f0e4R3WqYzdOBYFp53hr3wods0WJqqVxGnCH0JvMe4i-8QOF_5H_M2kbGXfSg0RCTE3G6bGMGxJcXg_gSzRV_s0hmrYq8mFjvYnZqQeWDWgP8zpF0nGrmuxtWTjrnxFrKcbK2uu41wkR8J-PKYQPtLYXjADNT_x4_CeB2LpShyKmu8-2fRG2KI-EKwQrpbGDrhDyeOl7-AA9sSa0BKMnq5U2EOv0f6URD_gkPs8Yxu1-vSPTLWW8Skz47qv9cjwwy2MLg6JGxRAqQ5M3TDJFMC48gzhwOruyxaxuQE-vJtBtRu04Um-UuqrXowTnT2xtuivx11OC_QcrwEGaRrV4sRVgIlD0GDihxZQKS1KB9yknCwad1SMr_7AlGH137bpT0ESHZas8-HZhWu0XVLp96g72I5GcSNWy3pI81unlrzHLudPiyD9ZdkXa0zXEzNyEjpqokiBuwN7Zhbmd2K8G33hujvMztMiQPBhV-vEZ90RvnnlVEWzIuqx2ijvuFKJ-pustOPO-96VNjLeJSv_OPAhLqbrixZstJoJRAWeH-zbSAQd0zwI5Fp8iyjKZq5EpxAponUQkPntr9kdNYPEyQbruUhIE7LkC-Gj46w0nLJCfaGquiyHbltvbTiMnVl0jW_WgrMohvj42z0_69qE9Bep7Kt5-PD-dGCkHR11_qESOt8S4do-NHB0D11rMxkK7boqQgZKtLZAAKMJdgFmjd6xUEd5G3IWs1UHqRJuSeti4U5gCmyVb_PH5Y86xuW95cAy07_b0ybSaG7nSPxVGxLZnC9SmMHxVy6uqn3yKuyj-tDsbmZMDLG7Ec_SsLChzOLyc0SZCNeRE-Uef8qtlxn4m-mpwskz22Ny17zxZsDOMKgnKTL2609JyOx682YbtAUre2vsbIItFruSWh0Ib8gYcGcjh8UE9un0xtCY1z5b8ZaN1g_2MbAMgD1oGihkyXrQL7XgKNo2ioetZEPaA5zcCXBQLD8Gbz8vVccORe1O6TGFhUxpjRrzJXqRbMUOsLLbd7Ht-rb85tnRMfRBvNZhX4Y9gk03hBGL0mbnRumu3nS1R8VTcoE2_zeB53dgON82HraCqiw7L37wQoPaZZiySdXqXWXo2nXlOZtEmOQZvFrYnNGFlYUqlaTl7mHAaigf80wervHf-fIF5G-o3yLmbbsFxoDYRArZog_jdE-gnv2vtIIaOSaYyL4gQ7YoCstI&sai=AMfl-YSen35RwJL2Hj7cHhSjXI-pFthlOY0PBp-Mbg0DpjCSrJl1h-CGe1TE-sFgAhIi5sKz619xiGD1wjgIU3i_S5ajHyDdH_DzpzS6GgxoCnYarFqto6kvPc5XuEOOhvfChQLF5nghJmbUOfSCqR1u77ySfhd5MlR3y1NrVmWKilgij_eWQ2e9CZ-x3SauRC4Jyno5-tsk06pSo8OIkE8AOd5_lGK2dYecjKtr-B4Fr4oY8vvYwRrE1YMh5DEfV5dUzyhMdqNepoXaBY87mo0er_4KgzkWwUDeJOVs_8UP2IXvinlHiUBK6AxR6zibuA8Sh36MKUEwc1Wb6zePPN5cJATkP-Z4CSbPy1m2qsdIoCLxVm20MIogVT10Ie1enzuM9m8UCbvmN1KJAO0GHmXIgftiNBVbJof53w7zGJFYKN365HOgWV_X&sig=Cg0ArKJSzFmro6pMzDrWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=342&cisv=r20231017.84791&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1605450044134&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BB1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1605450044134&version=m202309260101&ct=77&x=1&cor=1274052178991113200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6BB1 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV1y0PoXFZfb0OAdAlt2rbZx2CF_29GKrfZJgWMinSTivXVbZG1ltbesX3pYj_K304zev4G06EnZvHJk87d0S8nZnwiQsx7gOojNQtPSlkJkNII8HtD0TxlBRS0rPjqalLpk9v8Uuq551mG_6fCyGNCKr4RtBVtytcuUBPLEhugLCopQE&cry=1&dbm_d=AKAmf-DVJlnPuTapvdgZnyQ5uARlr9A6Y80bDxr2PIkeI_NRMcEr0lX3xcB4ajoEOq8rcVIa3Df_SaRNYPUVoJ-ao3sy7yj2gJ_catL4YI3Lu5dMXX52kihn3NaOl5RQ5XYrui-f5zfvC_KiTrmMtQ1_eg_D-0XKiN3UPyJ4mT_96gBx02Yqqy31bCLDpqPHABWs4Rj6w7-kyGVeRY3gMnn_5iux8VbJKhj0mmjcBZBOlaXSri9kzj2QNi1KT3jy0-dbBdrqddBJzvSOEPtxv-phQFTTbN8uohFw94lecyY72D1zrEVb7VUlnyVLDkewFZZuRVqAgThTgUNOqVO7HmzvlMtIxuWmCf_McHVQmxhoUXFKbhNjgLelMZXhaX7pmONLsplZSj_ySgIpB7dA4t4WaDUYha4q9iJ3ENWkkapWaHU1SWK7E9Ay8g-TWh8VBL4mm4sfI6r1LNnrSMPJJUJZEkAH1l8iMo44gLpw19wzz6jZ1YGHdPpjxoISsxuUVNNl-xNlHa2NI-aqCaarZCTY4todjpcDiSdpCggU-IMo6dl_Z73a4DIqZ8OD0FU77dgtlbngpy7ryaMPmV2jpNg0koG79C7ASBpmz3969P1DFQ6ADydb8EZklSowqg1i0-Pgm0ijcG4jpCaV0d9-Ug6Q1duMbmrccHLVhn7Lzh629zCo2QmE-DtFWlRAQGgGB9k6LdjU7mD2ULN2kmcriMQA1XAgn3b0rR2sSGu-nPhmP8-Nb7AcvbTHmarbWoQEvJ5VA1xBZD9yK80lnSLnnWV5UKS3qgj6AMcOdnvttJM58PSHXG_Hi5zulaxogHfnDW328f8XBTXWwcqTAkyGFpNIRtxVeq-Y13rZ2wvEBDFcceOEgnzFJ_uI9Bgliy_rwzeGJUKaaC7mSwrsY63eRxpG6CBeDNh5JHBsJ_T2T1MpdzD24jCjaaSrj1wErLtgr28SY_C20L69n7LfZgObOdmBPa02Swd8AACc9a1QDWVI1XN0f_DKbXi-lGVrcBIdKq_8DUL7o4Q5wemzkK9lhVgoIGgQsichGs_e2kXYL7yEJnEjIFknOWy3abwvb-Ih-BtyytSuv5Fwurr71jeCQFJY3DThiSY6tbaKwViLUnKS2CHNASJCUY-z6TeBJ7md-fdJBN3Rh6njvHt5LxEzBtsiASKbGMTh-iVo3ImNGf2Elk00F0THlNV-LsMddh4jeVvPIjKkiZS0LMajj_mQMG3aHeJyb7BLhX8JdiivCNUJvgiS9Oi3mMquodCf3SO8s_Zu6_KGgJeLgq0_0ArpVzICvF8ivR0T-gchP4mexEhO-zQOsotdPPrD_cS7SaaA51s89W-0VTSfj3aqSeM7crCz-v40E-Iq1wm1gZeh9IygqLuTyzjHBI-6LzAULE3_oSVmM3gvgOfN9hK6v2xxkWqWs81pIWFU3khYOxvabEkmxfOcspXbE1EQTR7A1xagGnLRv3aIiU3a4dTSMkFw77Wi2p7nphrlz6nIgCciHeiCXk02qtjrmAGACL6tDcYqXqE4zFaE0lrsuCG51Z0E-KvhWNa6WBsOlDimjtEh0XWdj9pupLcNMS9M8_ff1fUFTw1J5gn09FeG8yYywZlN9DZmT09bnB1E_o_JA9kictwH_m3kBaUHFtb3jHxojUoYC5QX39hlbx48a4s3ai5sODiiTM3pth_FF9xqC4rV10qzpBWxjOf_Wa-N3S1tWxocbuJdpmYtJ6uD5P7d53VGvHImDHAwMLDZ3B9tIwZ3ZuG8BZZ7wvq66LJw106ECgmHSxFjcUHLUdxNmRFHwvK8AhXyH5JDvPyhOjWn8TFFf7qJbxEgX1kkl5pSq-PEwOPfTfljcOqEzwVqZqwC144YxCDSFc99PwNlCGkyHambMdP9Do48CyX9DFoFUSi6_Q_wwMLIolUz0x6MlXQQ0qI3pTcD6YMXFqYEwWtk0mBFeOJ5F8ZCrYW2QhcpNSaWzjSF1UA_Ic8WZTsgaATPLDNF9IOyeX9RPwVylzmNrKtedzKuZIBRUkxStcE3ATCyQVnjhmnMebiaEQtJWK7pbYeZomv5aKXaa4zaa8aP99pk675aRdXbHTdj0OQRJvFauvbmp5-9eAPomQFW42Eurq6NeR6IVDg8cLlY01-S9dsQO_afhdDvqlxtAJHYlDaCJWpVrDSWw7LXT2EbpSwAXKB1Y2XEjT7KDXnqDHZuHjHX4J3MtFVb0n3Q1ze7bbG4_I5jjy22H-puc_N4T_e-R9q1kQP8O8OvhTJD4_coPayl6u3Ln5CN41J3bUriQv2-tr9oKIdSuOZ1WIgATMi_eA2BMCKcpGfM5Z3Yc3dcMW0n-PggCzqGjj1WRhjDWtQbpX76MMWjJ1STOLVq1Rn8KuR8_AnWjyCdxL4FbYq31iYWaZXW80bxH7thD_tj-_JSB5e_YvFA4EwJ77FxNxsNJAezSs2vK0CbfUV5vONe5GD26CBoog_g4SOP0YuiVx2-pAUi6fmlD8FbkqlhN1-qJa6ZQQty5wu2F4D4URaJEQE2_MllC3yh4heEEfZ-ccfagLXQA7TMdZv3eS58C6N1O7RirFeS6p1Hl5W3gN0z1_kzysyk-BTXzANJkGNCP6X32yiiBcC5rDuIeC9imURgA7K0-Dv_0AyUWHzNspfK0rdGTmkxDActvdW5WYaikNkzgUWMzbYRQ2Mx4rn3O8I4M8fSMer6VcLgAH9GMy87Gouc3R7IZZJzeZ-bsqWYwDeF4QjIIuoC-QBoP9wH5fohuh1Zs7w221vzAL4AE26D3Vh05j7LcVYrcXzya1XVafLLr82bN9wyS5kOQo7PdUMLE3cauWHf0K4zxnLd_LTpf2IFHRSvhMgRdy5v5ljiIa4WL67tRt2TEJt0uKT8lmNAfPbegr8QXC6Jvbm6HgZJlpJ-IfEvyoJd6lCZ3xhPZKvlgd8L78PBLXOpT_CDyeG47Cnk3Kudgy0zqI2KxAWy2XCzm5v1H5k4nqKhhstNaflDsDpnD1REgZqgcA1ZN2lWh4fwOuPqscymFjQKo1OHfEZdg6JN_OOuyroa1TBPUt0UPaapXuDhjUbFKEeLJJAlKiAq6T0giEYsb8z6Ye9rj5TN-T94xWv7PFfkXTltG0FKolx03yS4A6G3ybPZ1mUFskCO40QRNl9qKBzy3jioko_yCcsH0UEADC5nvxx6NNJfs2SdK-K9u5XjSz5e3wQDiCTox38iwh5BRMMR8CmnlrQwPKoAn40fviLMP1i6tyD7tmbu_u4ShDE--LPLt10Xsnm7SuKlXTvsXWR99iSNzB13VKfbHGsH7rugmOr1Lx8HAEXv-xbX3haD2zda9OsiEtJxicxnkbaQdosn1VYAfThcWfK2vvJDZhgd7KGncUp-A2XoQYV2reX7i_cyk9ZT2w4Vp6wBpyaEg-sJeAdODV-0mNjWUT9DWqg7y8_8JxGX0V7LjagjtlZ-OfA5D3bp097G3QUiGSFxAze4xe453sNxb8Pc2v_VLxSUI5-rgqR-VS3bUEXAurCiT7dFzIIUhPJCgRits6X6w5kvZfzXvaSxeqNlQVWddArvJYxpftATxnXBxAQgjCM40px-RTs5uyjSrowrKdaGkLzBofcdd7i8420PNsj8hx0B1lajCa0uGTKbZUi80oCQTuPYmWYVSaamiQi-LA3QkJ-3mDubC_82yYMTC0SeGxg-FL5W8hnTkmP8gbdq5B8TyyVgWfHYbddiPHIAjWTCVVF8Mbz5DxKN_uqHurCxtizHD9ZMCofw50RMCPXpecIoHyLOV2zKRVzu36qeuKJBKAfAsQJDYgV64slN2f_3o2RMccCHAXrbY_mWVwd77ZfoNB82N8xMv7UwO2G76vceIG1FlNZJDmreyAOrBBLfZp73nCY&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=1274052178991113200&adk=2228999115&idt=121&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2643e0fc761dfcbd5b4cb072c33fcbd30bcdc73f70b488c4a66de0c6409b615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12437
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 628E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
36408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 09:20:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame EDCE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 09:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
36408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Oct 2024 09:20:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&e=*&eid=0&u=AgAAAAAIAAAAAACA&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 072B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlOWYG3JFMqMX_6eZp4zOSy3CE-cPybY9HZAG7PjePDQDHS2q0DraRMJtCzdX1ebe_AsbSGP_SLCBdJj7bqgG2auhbyHUrw3JNgHPiB2DVPIBH4D5uNsyuDuJX-_pvlJEbbXNvyaOp1nlUK88p6HytaBXCmuwVijciWX96nHzn8Hxp9Bk&cry=1&dbm_d=AKAmf-B6apg1T68LFMjGz74KcxcO0dLBMrChfSUk1su5JdmfvfRAKh6mYrV5qlQTm789W4QxuZwuTSMU8Z0Hj5-UU55LPCTWr2171jXGhxqQecR9Fg1-95NAsbN0Zc9Z20Vgy58uOlSdvPhgqStTd9Y4RhIWFrVWlMwgkDqtBnvoMZXcQAECzo9KAJLvs2jy79uFZGdGzgUvrbAo49aEXtsIlkmRqPI4kvxgPDrR9L-DZcgK_g3qzP0OrZenICcIrlBUok76ZV64eaAdNemxbHxbbSP5Z4drjKlYxvFR9u7KMp7hFUV1SYjVueZrYDE55x8pYulOXHiwZEZsxco4ZhFWbv1Ix-JnhR_otLscsFbNOE_woMwpary19FC4gvK-WlvhDtLzk2f5QSWgFHzrsiiMARNANvQPmqY41Rr5gI8U3bVu-cZ7uwEEgNpW99qdDtsHWj_td2UREw4_-YoFGGgcUP4mDW64JDVRvjPeN5oFksV3HiFO_fYiYUqwizO7WTMt2_srAOI4DsTrm78WlNVtdg7HJBsFmQr5giMn11ZGsoqlFkehs0BOZV9TWxj9Qf0-5VcuXt1J56okn8e1cgzzwwcqvQTZOygRL5tvjprxpG2Q_Utzz4zcg3B1DH1r8dFE24i6wHzOjLybvmVPje1i4sF-VZ83eoZyE_Thu49GmtrB7gbXR8cxspNTwryRigFiTpzzF6SZ3Enz1Ip86puZtfhRv_99KM97bKe0JUjn1Hq9vMK5x9tNPODtM23QHKSPhWKrUv9eNCTyevNUU4LHRC8oSXZocKc1agX2rrzwwcNuololoaE_pHE2auj-K8FgrIHMnHzYvueIhx2saIR9QOMiRArYMf0gPSI8zuNeRR2THxHyDBWsq1HCqqqbn_s7dYpZ0dgfKAhFGLClixoq8MLE3nd2t_cGcCPAAgx2GTu4k_I_dY4gtz5YbKO8rtwtba5XqWM4OI5T5kmfhHy-glHxkVe1LR87NJYGzDotpKRUuxwvontG3jIBZGMXSyvw5ZnquLTwwsIBqW7w2RywXy5elA-kebSBBcIcUY313-VwiOSZNEc1MxmVt61DTvJN6BDygGTjbrN3wcD84RBwSFbiPB7SWIErKp1o2uZVz8zpmoCFBQox8asyKPKg6QIBNnGuUUdwHtGYGPuQSMS1YTHzivPdAywMxRm_J12GFtafgRl8DNqOND8-s3GQuxQcD10ng3n3SoU74_WH6kYG_Nsj0YwaaOF8e_L0E739aQq4cNvaTeTXlN8kCN5z0dhv9AZsyp1nVFLa920JVFpZsnEZ-K_2iLKgskJKXHmzqsEGnNJkySl3psjR4MX2KqUcNgLvH8ZrX9UqOpyeFKA5MgCgRjvWoCLNI0V5jNzLX1Vo_jNcwehiVcb9jIB0dOhErgS8sdNzHC7eDD0VE50FoyGLhiGtAbj9gb8O3wLX0v8ZiJfaEyeo2nGsYWdzwYpzAt7nIKeUqMO52_Y-41fi9NM-aW6QgvkO3tiP2QOcqPs1th9wljp2ddxzoPOLK_jQqEh6HV6Iv8dwux5cLJbrjeeHcFlpOaB_TQp95eqe1SvaEmGD33GjRYdU4ujvNCWy-8Fd71tFVRMx-qaQeLS-FtErmhSvMw-mvDYyz_GcJD5_Eq0Xw2CNZ2SJATn3L8ZimDlDKtNg7uGnzMSOtzKfrHWnYhyBuSrXARkAOhULRBZ7-ey1qPBHarV_UyzBrZx0BV4HkzVbf0h7yeZhnLIRGJU1ZQ8E6L6DuWZrxJp3xkrE6SHoCO5_JHrb3jPqnMpdAT_r9Kw3opLzOgzWmhohPbXCIp6i0lVgSoSYILMKRLSCq0suhwzUM1ued8zEdpOv-AQHeoVtqO39CVvYUub5LkE4wbhQ4WXcEXyle7Qgz704xzUDcyQOZFYdL2CKgpgvW2qRw1QQ3layZiJhM1RGCKfd0Ncx7U9A6eUanJZZbQHpUUpSPdyne7Vq1greUmiXSaFnutIzrtDX4FboIZTeaUV5fw-DEYsPcZvV0aJdjdkWO3keVOUQJeHVsTCJabd4zMBy4JurjQX4eQ99n1j1c5f3Nua4Rj0PtkaEteL4tAbMATthwsjHxn-ZYZDbMLoqkDYc0gh_2Ktk84sM3B_-ti2s7KoZeltjAFv-aqtsn5C2_RERQBx5YUht9QDLnQOvGZ56BOohFLEiPfNauP4Dmtsi1kzGn_8vZnr2H1ziABuFxwqc3snwq92ELy-Vvz-uXN8TiqSbX-XW3jxY3uMQ1luXKRyXSsl0Ne4P03Vw-I8I9WTd6tofVSliDH3L_cRpWnr7TV8wVotOY_LKV7c16ccuYF9vJv0W0O6te9dh2uemCr3IIDjegQy_-THRF3ql4T6-ZrkDTz-hEiRHwUanwNfN5bOhXSLQjwm7w0CbjJrMKAALwguO8gV45aPFptSytuU4BVdfCLUoPDIuIZOFzBgt4IbTNB4nBULpkn-y-1iu87VpW1YKb7WbqdQ7BzPqvuQzS_C3jiboxfpk7_0e7HbGCRxTkFQ6pj-G880LnkuhidqkEmx9fJ4niUv8jBkRxooDJXMPnfitXAv0vDAe9_EREdRTVz8FqNq3Yf0LbV4Ub6uBrbyvqHAAKWl9Q-VstjVqjTEeSnpqdaYzV8HvajNM7lqWR6rxRAGwf7OBmmHMxaIK-xpt6Fyvu187_BIBQBJrZMz4ZT2rfWR64v1afoB9LQ3Nw05UMpmoDHR1CYdK-UbjrwvUlXtDWQzYYLJT7O9HA0_R3Nj7Mkf-mUz59dsSdLU3QbmHMn2M4EvleiyVsQ_qz77SJlcnMAX4A46qWYs9cjULmdYFq3_uDeJhAdecWiHY7FQsiCOfeJO7Cfl-xGRB01yP-s5xB2i-SCMxOOEcpfbSKwpt6iWftaZuN7KfeKOCzjVOfIjuLbPcbgxh23g-IYy6v_iPREscEEpokA1FamBu8EDvZDicMUSCiuTN_726tZDGTAvyLuEFOtws-Y-8w276dabRISboU1SFQgO05j3KeB5HtfJ-r9D6PkEXqGOWy4mhUIYSMSbYGlchH1J0VLr31tQxjrN0T29CKKW_RJsWC1rB7XiTK0IqE-E9sqRFuxLTeiKgvJiD2LrLQafZm78G1h7phEXNt_icdsBJ33c6ntaZXbhS3gkexDTx4cs81_MZ1RFx7b_nfPlNAWhUqR4G4Bq9gzPlbBvPfS7-09QgZZHBf8arc4srkIXKV1vRcxl71eOkKfiWZXaZyfU1sE3WpzoICj7esaJKQMlmnm18Wdncw85YhITJ2yJdY1-sK86bnXTZoECRuXSEOunNtvJ-9lDukx3ReQek5-TmeJTeZLp6L7CN6fpf4vp5J8K8_5muhpQIhQf6FGBG9UC3cL3towsG4nmXRv4RsFodAlHMbyx4DykML3P3FuiowTsOSfGorBvPSXQgNZobsBfUwhe22sMGvtPA7JbCMm31rAqfDJ59U9QbDBoQC6pKUsIy0WLuCVyI8UV19LcMicX4cl34ymj9UbakN-v28ResrbIyP-wI4qElDCpGamQlWbJipQqtwDS87I9V4XKsjNoD-3Ku6j04vlwhRaZ3XkRRHz72AUskoIyZsKLQdFZ1GtnU621cWdsFNGiF3hKUmO5JaPN0QzFKHTUOmYUV3rLRy5cQ0gVwi_6n3l2aB9nWG-mHAoEjlX2JQ98ZNFtc6R8MHDPL4CyRguHTI02bg0tk4oasJjCaJ4ox1SVC7kOyENOmnklBkJbpazrel5cA-TPyA-hYplPgoHgA299zsQ_yHN7gJAufUDWcCv2Lz3FfeL-uzzhaNLs_sFqqXBROad24ixD8FScq769SMS1PqyNTWIksglE3g9Xt_AxwlVR7jGfzHMiA0wjDchW2ieQEeem9GouPlh7xTx2NfXvP0lOf9hWoV06B482R9IlFlZn0kIk7LCQECpIa5_wf6KnA5iC7xR0ziaQDwHF7fvNaDyvWbyuKB5xZdKAsp1wQk2qFI6uEeVCdNOQnzIgH4ytkIb7cP00bDgqFUCXgHWkol-bk-4EPUmvKs_lStw1cTHlhs0tFfmjVXPNjw9mLuMhQNM-uC-s&cid=CAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br&ds=l&xdt=1&iif=1&cor=10347433142770740000&adk=3730726249&idt=363&cac=0&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1AE7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnKX3jiPc7wWPfs6EX2Iyq6SHfWH0dIhYknbBFfaUqovhkedFrvBvrWJ-lhf78tDvC0CBYfxu6JYKkYC0DKeJ7lZUBZIMynG8H40IC3NMHtJFQqhJ6q-eUlb-jOfBHYK3ytqdLwhr0nb0t1cLuziPS13BrjZ45fn_LNHxxPSkBMbnZVBA&cry=1&dbm_d=AKAmf-Altn36UyQFPuL7sHp-oS3sToxM4dIBTyNPz_z8RHnf9rEzbp-C2VorEIWvW0HAum4UPMqWvRb1B66KrrpznXMNKYInxQMxTxtK-ftx9FuixjSFFS__f8xDWtf0K-iaVq9KD7TA3G87eWPA5T31pmLoiG1jActGGKZnOc_pFZHDbnRJi2OWpJS4xJBweji-cSpqyBm0F9bTOtQjBRH4Y5r6bV1gk2T3NUUqVXiy9VUAQp6S1h99-k9HGdCL3wneRmv6l6XX6HY8LHc6sw-J4k76cQNr0vZjVVxIfOy9sjwiFESZ8m0nNf2VCrd4FRWjnSl-gk4SV9EXyTOi9FxL3GaeLNvqZofLeMxxhSBTji_el15NRsd_OvuYK3_eJjzwRK1Au7rN56NCw37yV4qZnDf-DgAvObD2YvcCep693Zv0gTHlQKuMs1i5L7DZ0L101JvqpRnk_iLajmkAEDb7c0TO8Zwi222RydHVaDa2KVqTHyZR_j8OS-0Zr39WPFBpOEORVOZfB_d-5QFTDM0iPhrgInHWibbrOR_kqWUIwFzPZkadXookIK_9uiqa0Kba3x7Q05HiKOPRTja_b34_yo7EAZ4QtouesZe07s-AAhCVRxWkV6JR1eO_eeOHKs3PNFTu5V1E6ugEswxmVZoocNOaaNBL9jy-nZrDwM_fL-UX8WQ7K5oZPW5QkOr--nOGXw7wytQcqS184OtlKVuwenBuR1cqEEhmPDWa3brK38GgQab01F9oZDkbG2fxB7sB453A-HUKLsv8-kJ75e5J3VSsHdxk5EQiOlaPIGG8mRQC4-InEBTbRsnze8OO2aK3iMdW2JomEVDXOJyH_bMb_uWIOQiFWiPeQJ9vcul2881YXR9JOjQhm-km1SGq8-qWsSU8t0qYbrlTCGYSlDrj5OHUOmDS1nrH31fqPObQv2bKMagW9Z_MaphKsC2LyRTS9ke3w1mMcpIdxFzlpf98zZyD6ws0G46vcj7BzM6P9ah7i4dhid6hz4759x7IBTQKxHu5ai8EH8AUq6nbNGN3qGnKtPn65OuFlWlvrD05OCz2wAe8kzYMIaRvTKY4f8ljIfO66E3WMcaE4N1j1UhBHu24qnFwaTyNxGa0qk5pSpb5o2x_FIz1NJViCkfh6BPhqykrQDubZ-onSv-vk5Ii4gmVfdk7feYzDKxj7c6y3dIDeRXx9DU6edisA8518yYrioIhbRylR3XiTtQLwT80JYV-WKas99YGxu992b_5xAC0wV6AYhKUp_jsf_VWwHIpQJFz6NrsJ86mUW9KGzgggpwR_QX4znP96zSudL529n1ttnLrbamaCXJICGqZWZEEVw4h-fyvePc9wLOGz9l-ye-ovdhioI-Fn_M5LtWSRVABCO7we6YFMOVerY6q0oeXcHsx0d3KaHMHV89nztRzcJqeMGSNGmiRQmuGwiAfYLtMx1RMFFKY70-hl202gtowb1yi5SfwkitDByVaaeBqdN2nRyWJt6nyCVjj-YY3Hn06Mog72wA5qrC-PpMAM5-WVtdevVpg2V59bTfU0fxcQgO2FO669NK6L2eBSMvbslf8ql6ScYCNITadPr3qWefb8oBvr-WJIqkWRk7Ll5XowwiqAYsgPhgy_d9PgDma_0l4IBWeoqLjoQ3BnXIPjk3ByPXjVh4_mQzKzDPFAN2W_Qgx4KQjoH_6ZxOzq6UACjNzfyaiGPPBhFL_wTabVgFj6QI_9idbTyrxN42nT7t_y0csDpNza2WaGESd7gzdQnRPkbCItmrCxEG7GAFdiv4y60T7P8GI063PqrhszmmWOXtetm4wKpondAd5EKNkS__68JrHW1Win0WGDIrI7u6uwvDO5tdyjytzzGkeRLVWaI-fXr2YQP6LTtOqVlAgCTmDwTrgZSa-7FHJNPmnvq7sHkex_xq_tp-xGa9Oro2oKY6yem3-wPBZyk8OeYowozkdJVBG4A1LoRRtxdaibujH_u29sT1GApXt0G2e2IAgnn9R0-UMyE7ocBuz6eIfFis_PDV88oTdVElZfQ8VK6sVF6p8LH8n7qPS-gulGmvDsx6M23lbMYGwdszjzTaVk6QkM1wKjGmf4ch-eBFOOo7Z42x64YZiwxYpBJt12TIXDk7YzopSLjD8GpbnVkpgPSL8mWQWrpXbz1vs_3SN1FrUxIJ-XCvqqu_Bx7hBwjSOlaQxlFwua1vbjfaib-VxmEpUwGfRn50k9MKxqokdgHIsASp_A61NH90LdUiPqrnRrq_DPybrBDlUGqVvjTWMmqtd-Wg1-_s04PGyLDKcYls6dVfjJmFnKOhQK1jG04CYs4k-pK8BE33zrpqHG4TJ0HmUKgLqTkH2YZG5VlhSSkZC7B6AmFrwEPyevpOsnXpb14Lt4XJrfMh46sUwgLxz4wKzF0qvh0DFjDI1Yb3kyplUYYahDECvhW0CKhCVxjInPDuj_S7iAqjaHA5gibiROUAWZXLF-ORzh4AZE1p2POPCusyGWR5Qi_pEy8bz7_GKfD7OYaRhMkAwQEd_7fgyW5fgMAw0piup-F6BSmS428BeRZwAN65WiTQGHe74WI0SRc0t4C-vqjoYkr8NaUbouX1tmCedZt8E4x8Wry7QBxIxbUuc8AWb5iHCTxv9PZ33sGAIt76W3uRbUwstGVHRsCgL7ia477kpU6YYzcmXsRRWdnhSLhLnH58-y1X6Zi77TFsdO9MGyuWXlFWNPjz6mynpktB30Uitom5rM98bHJQ4g8W6tZt1aa2S92UsH8drsHs_aPgBdcxr_KqO3Ei5gxFuNwQtQra-kyqP8En7vVaVCFiXVGTs5avGtkUikjA2THDVnifYR5O_XKL3DUQlhiQxcArL-6ZXgFk40MxcRLSXxD7VYZO_u9ReSfYI9EQZ_fACv1WELkaJCPN-Wb-s_3TyLrAPbTn8ajeOH47bD9k0HCFJ5Dr3-HboS6HQEdDHf9U7-gXDFde97V3kITJOBSo5qh9oqnsO_d3aQHhIqifwlemH70j7czvtztPEcc4oPKfg1YmI5fky85etuevtNFG16fg-2JFrmr60YPj08MDhUrCapaXqb8T6GKfNK8-xL2TOMG1cXCAyqOQiqUooIQigi3xmSHBsVRA6uWHNxSugkfBzk_Wgrdq2rDRfMBFM4xQANO5MjxxrWBJ-xvQY400PFqBazI35X8QcyDpRFt7qB5QlFK9I-dcyvepx9oXaTyQBVMwCsXuXpIWha1VVy03rBrG-TYcxwIJCUxiz28_nhOHMfe_lkU7nIaMY14xK_ccr-7LmiQvxhVp0RWfRR7vpoE0oFH4RVC3Qrsrl1ll9a4rrixwd3HwdG_kERa9Il1eLJKxH2k8TqQRPBwhArWPRTQFYsWu6EZON3kaZCFGJHpUYzYUOQ_J1O-hvMs3oyJ4TVAk6awyVY2QRKCppIlWiWPtPmOFZsIBwPgoGthv8k4IHcu154_NOeFSpDcgAGaJk0HhAZTo12JBTBYRsmbfLBA3oXkeFL0qnKrH1K_rFMLp56EmWV_Qdoj5zcp78xw_7R37qR8FFP0y__L3jKUA_ccWTtnKBgNvjZkhfnrpVrOmrgFyFvDKDIS7_q9v04c4nUGzE3ccVbg68EgH6JuEG8HtbKvP1MCF19tYc4STpif2ArUW4MJGFzK5eAz6ABMkCuPzZEiNUYvLDgUCoSThYPsCJxhu40a3FO5P005I2T8BVab9DfBX9gZxodCtu194PVvFo8sRSGYLzykpDCFWSByqmgFH748W6PoEoQejCEBRbJUZxFqlzgPYWQ0q8ekWVBuDiH93DYTy7xP5Zmt_TcTwW7Uusj7LLlz245Fm6-HtnHOZ3gRnjWaxprfA2T-8fabSSfgE0n31Bq3DvIYiOhBehv47msA1l8xYDbczbsKpu7n4V8Ri5BiJqJPUjkqJhhnAO70xPc20i3l4bhMkllE-7G4aXheegBZPTXXhgDWG72HD1eDaya0pZh7RlU2x7HdcRVF2US0yvOUZa5zXd6WGAlJQKT4nhBwh4OPiyBQ1bFFXLNVwBUfgolpG-X5SGSh7ngVwFe-QsC10JWzWx-ysInZA&cid=CAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br&ds=l&xdt=1&iif=1&cor=13354954951250930000&adk=754613069&idt=333&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9132 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7573341964943&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9132 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7573341964943&version=m202309260101&ct=77&x=1&cor=9234408372139534000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9132 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxukpFHS4_b9fVBe_xwqkSae7bUjUCDq2raEQPX9LQBSBSNaZn5Vn9SDuqH8s3i4_mvUYdKTXfNwPb_psvX327m8xR9WvWGQllz8msjKkKxxoD983XtIx_zWyE4Pi4Q16wABucgGZX-BZBpQ5iEFWDs0V7pNS0mph2cuDbP7icdesDAD0&cry=1&dbm_d=AKAmf-Az200MxY0tStGQ-3wqlzza9vwjhtjnkYR8O5s4r7M5ZLbxJYcp_cVZOT3JTOZndu0LzJs_tK_FB04Y6gKAJEFPVz0_0sckuIdLFAFkaO0GUIAbkIP3l76I1APqAHO6ld3URoE-tRUofbXkddLY3Ihgp61LarrbxTKCX6h1bK5px8AV3hytdJjMDP2nmnuZ9KnPK_dyK8BnWv4uV-aRx5ewJc8ICAlwJV1fAQ_jfgFfBA6Z7dj4f_tYbRZjVrRgGnosTFPEKpUpCLX8R9hr64t5uatorwNe1HEcZd7rB2YaOS8IGEvDSBf0JiQZm4S4z_zbJXNiOwIQ0myitizOzKkrFsmVkkQagDQbPB1YLNE4tFtwITwGIPoKFoeLd8TpmPKv7awhS39ZzwarihLABW5M09Bglu2ca1A5PQORnbbVyaumOycvIC4IEbiuHMnI4KxzeYnt9HPie6RRaPDZYYIEDeuw1-Jfv88FsQXFPptFBbKcqWLwgNOcfsgRsvawvA6DVy6BtRmXQD119QOei7xJjS1Fc5pNWYFGBimJB6dB4NLw7C5JmXkSlBWHP26eMX-9HL_bxI7C3osa8G20bMjaaoVnKS6JkvHavOxC4dk4kp-f9VlqgXQTmdFtDwCOJcuo5z34_4xT6UYTcrj4zw0h8Vqp-LTOVGFb5LugE-DiMiEhoXvzBkpFfimUSy16g_cAawfM5PQpPHX7Nuvx7-bKVAO5BM1FuOrQbYOVuJv_dH58NrnCz9OmgvocKWgIjYwIILD_YJw9w1zAqtyJpMhD-WlyJLbxvqmvSrHUyB7oT_CSPt07BLya6FLl-_mV9BNrRN57n-JkZFNb5c2zm-2ejS0fSwz09M9v52wY99TkBQiphkX1CC3qmsEc1IPqEAd8yYqx3J0rQUqoZu_jCb1P4iahn5NoQ3PcouhQGaDToh1qUAwlkEWWR-mJ6rD8IiE8sc6EY9eko4Wc5nCpdb2MPOEr6NRb8kQE95AAfCESPBTIRUYdUcumTojJC3AUkIVHsRhLUUDV361XZpTGIHG9iV2URtKPcQ-y2Glq0a8jBm9HHet2Kv44DIp6-AsFy9jxCLR7CzKznV6LJ1O3lxXEfDTnGEOHCxRWn5li43J8I1pybhHlj-OOuL_kbSu2YRB16HwUOynE0Uu9tIjfFQiA_2tcCZiBmO7KkIEeDyOV-aA5J4qZESbyTzPWQZRdyp1v0zC6CZoNzmR-SXaOG0moltc_XutzWcBXAhxmH4EKhF-1Igb2x-yJjSYt7Ct6N_18UEQaIYqVf0D2qT_KpPQ_5zU-IGOcqMtVNe8y0x577R-6J2gczIPY5NlH6OyvpP8wa8kFfk2-IcL-FdEDVyFwmMXa2B4SZRln4S1hpsY_eIMtaRDJs17UUEM-tiqfdqt-IFTpCIyFjP4CtmQc9c96QE71URV_3NlUBLQa58nkcrji1-yDvLtWekFRiBI5gQdVPyKIYntjX9Z6viphTjnXgOH0YpUWwHZ1T9pQw3ZjR86ekb60yNKRwVgb1rj19_a1v-YXWGWDpTInzodVjjJ74H-EguGA52jCF5lPcFGezUMfcf01g3fyBm_9QMlpfRQur5WXA72MvNj2Vdycyvdi25BEVjAPTQbHG_5JUC36E9iNopQdmroSs79i4vWg9h6M9vRZ5-XnUNTp_6KNwdDQdqJwc9zP2E1Zeho84maskntjLpwbIrAsQs58ZRHga2G0UgH0w2KevP_0T7XI_8wDe-E5ZuB0rHVtGb_7_KIku42Td1Yf6YzFy9itjYcGrOEweI28loXkdPHub76KHc7i-6M6CTSzf1CvF0eANFxW41NuZgUYV7VZCG2AzamrAHZMLiLxHlPuCDppwOpBTpBFIoOKogyHsH46gJN7dEUYB99LbPTiFDYv0OT42slQ9HhiYbJdbU10pozIJvM7mBUrFRGyMrbgSZDsYW9cyzllgvVKIEECy6Pquy7wZ42gcovQHoYAksGB9dWGsLCjqvgdvmZIgR79jSLtPdrlVLcMV0yI8IFn0J-49FTGuWs_n2IKnqn1jtRlv7PVdlS7IXL0HHXdpi33nhaMtt6voOHzVMYzBOhRHWXO9WQ3MEGYbPTAK2npeVq-ABryoPqxxPlG__d534e_qji28fCSnWW2duxyr1s3JnvTSgAMlxuYrcaLZrUlNcxsF6Ww2T5X9hv2ZyYZBYlYjKp5Gr9rmJxpkkb3fOJ5vYwCiOpcRBeY1cW9fjduRshLKYSKqUc3Hebwqy3qXKC6cPzzcrzPYdMH0ne8mBamsv_gLrDxq48GkJUYX3yzFdFammfSdROZ1uBYMsPW24EMhSpXljjspna27u0oQxmPb1E7lKaCBKLv-b6dEuUHFR-sFcgXKfKYXSjeXbDlrXR7_kvl7oxvDYM4wi0F5sT-H-db1FemA7UWld7KxBoEWyFbV9UQ-7nrMd7b0jtxFdzPn8e3ZXUWFFpqGTdbw_BGfAZFRWSuAIzlG-isBexm_CNuLE1vEbZ1qRRoDqVc3Mc3LBWmsDkznK4VW3HJFlicV4FLDOjlX3rQGhX7nTNt9Ws7tyTISsNKClc6bPPgIgMoLkHoCM8JpmMO-HwcEKgPalj2QI5Osd5h-r88xfU3W1O3N3CVVWk4z0ffDXrsZjJXwuck8oXzzwzp9GjBomf5tLZ_Ufl_5x4siebl9uthedAO1VlApiNifp8mh33l2tKLsG5N-rjDEIYxlC0Oapqy43Noo-WUCcyBFuWuk0Af8p2pQRr5yz5-V3WXTvdXskD9ztKc1EB2RlH9AtWH6IEBsCcv0Ij_P8bJmz0EMA6EQ2F5rbsG0u0N8JT2hf6nL2JARNp1Rlbh62cqS8kxbVK3Jc-OfTj5qvzdA_gJ-zJO_ST-1Et-sHOL1vYsgXtKhYWfsrkgfKScTaqcut-kmMuWBn-wKT1ZHzIlOMyVQm4ZRUohHMzr6nQ3_0V9jnD-eUs8LXEyL4i9LvK33CjQ-jN0D50s4LZ6ZZwPr5RaLj6uyxdLl0ynFRtlPS16QHglw_aRDNKCMayNajprEH_qG8lFRqDVVweN3_QFOVe7-q4590bMaDehkENdWrXSlAaPnginrcOY5ttwEYTesisRDq3eiCw7gdx0QOC_w35ridE-oCznPaymmAHP_r7UU1N1gasK5y5RXjsRj1yAx2pI7jJIysuMMRKbwtukVZ76dxySVqiWkasEgeuG2ssh9sU8NLRicmZUYcyIG8Xa363EMExWW6ffQ_2bCqSPRxzwlXP5D6xEmivl7VYyARl2_oawk18wRCVWByvFiOm5ymLM3A4h2p06kke8lAP42QZh6U5_sSf-q0zzJ3gCMh0a_f4YGoh4IlTvDv0AAC3QSEUhRrJibeCLMkEE8QLWP3d1ol33IV7DrkFoBBjaQya-WKVu0oxU5elO3UKWItT4xR4gGD4-QKmvs065TJa-Kkm_lb5h7LDdNCcKUv_dWBohpm2r1yJOuzQl33nlQ9cDMlQ6FdJNXG6mZRty5-Dec5OhHWgt0ozDUhfkAWfaas7C297XBWOB0F-aqKeDFVMlUeuSij6T-CWALSABPuj5dgAfWZzYPEntkhWZqEEaitYoAowHVMBZzhU8i1_R8Cbd2cGkCVAaGq_4Ot0IIU4E_VhURd-s6WQoniNKoRlDPuJ4avoWXsgFWhTk5ZSh4_j3Ulxr6yNT2n1QoPuTaYLXMtWc6T7DNFLSCXjniFKBntLh1Sb3SPLuRgBCILFBVv2aEk97e20VUjM-n1APfVs4XLdvAVg8wsLgJmJI7lQrujgO4c3uu3EM2zxH7k5j6rBAO_yYYuC1zs0vFXLAqNnrB25aLVkUnVO9pNVLxD6OLOwODyknGP7uYg1nGM-2ujvMr2s6x8Y&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=9234408372139534000&adk=3047537735&idt=232&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15c04c666106033cde2dd673fe86441bd509e0f193ef908320cdb3f0339854b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12207
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C3B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3083105914124&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C3B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3083105914124&version=m202309260101&ct=77&x=1&cor=3809384833194545700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6C3B 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzxxBVXDH0S5eJdR8DSn2v3gYCceIvX9OuJjhTijVzvmFC4ynFJz1XzBo-TDfslTvGftcy0wTVmOnHGTVYfT9M_gOIKZ99NivQdv0bIJK8R3eFV1uQ9GL2yckTh3NgN1cU-fg9CSGPU4Qvbgt1KfgEXN88HMufbgqu7JoEyCubNKTykCk&cry=1&dbm_d=AKAmf-BD2WZWZqGkmD4tb1YVEfcnkZxeIMPi6B9kboMGpDgFkIB72fSLcDWhQHxPKgEq3JAOI3bRPG-uQVLCAtlrO1CAobC_Zb9q4U_qBfN8ciz7Et5zAkNgKJ5Pld6_ijsusJ6aFuEcf95tNhFR5Q4ai-A1tmsiHQP4HXwOO3gyLkUbR4yYd1m0-lVMybIl-PytlvZB-C6YaQ9Akf8jalFTUnZF_bKo674MD9UM0-gVXo2lm6-QmdVFTQB66hvHhebjtyNKO2A_FhTGbnMDdIe7hWs3WYHcyR7mK7IUrvcLS_mlNIyEoV94VRv9Af-9FK9RboMW3oTjIJE3Ll6NbkXYcZtelB4-_uF0P7lLTSDVxfGjNY6VM3BM6waqypvCb0N8VsosMBDSkQ_iJrZuTO5WPUNLREmj_QdUK5xbG3CTxG9LNejPGmMeLx6SXsujXyfIq4rQeS_K3Rz4jr_OjX_m_rrk5OKcQ3QwjNn6LkSzeBY5j8zQX5rd1FyCN1oH8-kum8VN6MikSh05SCysylgxL43MIXc5vphghKWG4OJhQ9DTMHkuBw7gZJ0UOE2aFfFhaJYd_KpfML6n561--1GojzSde5qPwLufJ28cALEHtas2GMJ9JiHJ2dNYeLtJwlkFIG-pbl8va0RwPxqZh-mBmSLSVKCfLIHJEpzS79eICulAp6U2EAmng6TAjw9dJ7Ivt8FFDiGIbD4FEvoSz_IQWDggPl8mvVum9voSc_krzy6bu5lK1CEYhTBUkeqC7evE4iP9GXCznutLT0kcdsUHVagCziYBOCh-FMb986yVwcRFFB_Qmo_SAgPpTzJmz1Pq2mdLsdKRw_TKEfS5AKrTzkQihcK44GvnyADfPZAH5CnU7HxXPIC8fHMkI9jKqYXEBYFYj9ZGTluIu9UKMil-5WDUAbNrLX2IWperO8-VLfkZSdfN8w_sDuDmrBmIogx0lUiCEqxsIQkXYFlvNXDz-M4tXjQFr42wYPxAt-a8COaQoKj1tQ_xYyJivJOTl7G4ZED-QzIQ-sPBRcXp9ylr-EddLgCfJsERNxdnVKrGsUYnWost3qN7pcsQ5l8GE29RPD17GPhJt8Zltjg3KvWF9zkZwDWzh7ueGEpxQUzBCtoi8JoMuvAb1tg07caYinrmfILNnRroWk4NdulXvAcWSmXhEEEcJNP8FQ583_WGhtAkI_xXq-_kuzdcF-0HFWeSiprB2qYOi2s2QdRRQxvNmQ5pWLxe3Dbb6u56pr23dyhNMTNejc5932ynhjK4--sjOK3snALYTVRhmm3MtiDtaimD-ofTuRQZcT5XzMPF3BwHqvVXy3vzCnXD4xVnrvtt2fc4SUIIhXaxaEl4lao3UNV3XRNKiGw6yc08VvCIWjX9YIqJ4yc14INCUxXWpx4fkAW6qfLrbV7CYJsnE-AVd3kASw6i1vlgedant1cbT0cVh6Ntf0Eg_NIfzPPquVjKhFrZjwIb-W_ahTrXSsikDFe3IQLo0Bns3giFWQ_qVz54bVkXItmIXw9KlojN69itzYDkJsyVrtkdA0WLGyp94e8XxaTQYcMazqrRlFe6lDKRJbDNEs8doX4W61pvFFv5nZWWRO7IqJggi05PEHB8ynK4N2znDbr6v3l3SOS5c56G9SOc_mO8FfTiCt4M1Ylk1XSUNFj3ZuPoPZ6ryycBIL5P_oMnrAsIc0s4qRnb0f4qYEdxVoW317f2clohCpodWyySK32BYSnOV-VNfNikX0hUhS9j0a7tBQjI2DH8IDJ-UV8TYFKq69ZXHJgtJVh7jpKRS6YWDk2Viu_8KzKfirNntk2HvFkNCR0hn5pou0sc0UL0XmlxPQmAnLJBrzfiLJOKE673GXNQX_9GE5lp0b6inYFzLSg-f1TNjfqp0HnKgFY-DMf867FfZOq8xc9B16kEe6kNoYU-N0C2YVEZDhjrX8xG-J5n7xTGswFPxokcUoVUY1qjI-851alHtiaQYqGARHrOny_vZMbvl1lQs0izFFuJxgZVU2lTh8Y-1ljdwjhlxFSKHzk2RH9BxUCbp9L0khcsjzCqo6DUrHR0Ha-0GELU_6i0Fjff8cvmSMHBxZaCyb4QSA6t7q_RzTSjpA6YIM3dMCG5sB2kdqXrX8c6ogmM0J7SR4JUGdKATTmxcPIV0QJFbA55POUQ2UgqrCdMoKjfsYwdJo3tS1LcuttGZxs5yB3qDQVmDIKn-O5JYl3ASwr1h18uTE_cFz1MyuPGgo4EQS_keQJfEAJBpTnmRJGvHiZFlcXg4VOR8rIhIK43M36jXgIu_3d0fLFNA3PNyr2rO4-_P676QSyAi4DwSPEZXQR1_4v3ojNAr13Ye_hn5aeyrUFqh8aGQhSIphoP1EyI_WeBJnBFoaWLKR7AVPzx6CXPeGM33apK2D9yDfiHMrAREww9YyFFAogeMy2s6psMY4pEs6Su2fnWBdT3fu2qxlpILHKLcfKCU8ksuzee7d7QmrXQItx121sR1drP0uDw_6xqxYHE6tN_sscgIyxM5Z6xRdGXN8ADdlE1Ko8jK7HMJ5KYuwJ1CMNlMRqViRDQfqPtds_MVnd_ojvTzWNQIR7m8GSttNh8g96pa6jPQ9N0n0dmvYacM7bKaYs5Qrd-Rt_nKy3mGEV11a2M4HpyrfGRDVDbxta9qO7eo232wjONYtBCZyO_gx2kiZlh01177gSQe-L69yf4sg40tEu4TQK1TSFxMEaIVekVU0BjTJULCTmxLEXfs8u8Eg0V3fIQ04nDG8uSqDE3onAX8H-5sgD2K0P-rhH1EJ-nq-lNCyGWWh-p6bGArJ7Bn4I6obR1BJMt3sTmv5n4s6BoWjknjPVWQaBzS3Y3XC9VMvdFKT-FOWpZ5n5zqsuT40kG9uROfhAyxPbonbBoj4eE_17efhhx8MQCUaz5pHf7-1WG6EyUW1JobXitVH1VRwVr3Mz-nBc9QBddpGeXfZsVh2mgX-s5x02nSU9rT0WgwYj2eXYhBMXP4x0P34RkA5WekDfCVxhyjyIjbKy1LmOXwxeNPuTgd-GVWAoS2Q64wetFjj9PXOnC8qn5LeGYIvMkLa6N8ciuuCnn2gbHQdTngRU02QwpaZ_Y0AYR49huVw9IMh0Wg8UDKFlpH0ecf2Viqe9emBw28ROOGlOZC4QxOp7fhXsBW_F9nWGDg4l_CDyJDtpclK5Q_Sb10xdwwLrSUmBhITbBwuEKELblqMGOj9NKLHCcrqBGZZG6qlAQL75-fiNFQ6ecOnNWqCwmNTEf9lRf5Lvsn17_4a40Gkc8s_1A3s6hY1Uon5aJfZ1PANat3rX7JMNTdlEoilNKCkmKXh-WnspbNIVOAtK8EL5q0hSAoUPoKPkiVX6YQ6f2Nv7lRNQ2EXRUwUrZRkzYqzxQAGDC0JPlnfxGL8l0-ahgoFuInNCW1-3oeOTXJM55WICqdyAHgLt1A4bYTsSrsQKln4XROKe71fWdBx1CK4bbBGvADX-xUU53_Vx7iHBQohoh9L3TTyy1SWgemakj0Ghvr1ESokwvrJ4aaSs2oIXJ0XN-Z4LHss1PDagAPwjg22T5n_KoWNx9QJ0G2KEk0HK_Axap8odZ1ymUmB57AIn4uJ6QpOGrSAYQis05o56T1M3FSIMD0I1En05MrycZAd97gvhq3q3ALO7lsvR5sTUFMruOobAQWvo7MKsC6my_MLA8GTe_yrYpDIZNzh2_ANO0NVUgpeSOlfdVlywOpy_rCjwOHfV39tCdi1yrcKwBy0nD3JvgviNMzkggohdVyiqaRVvcszq3lq962_xAnhtwaV8xQJoul-uu62L8vb3-jroke2Fy7YTNn4hj-k__YNetXbw2PrnlxL3yIIv3FzW91ZrKYyM8ptaUULYRhgKTCW_h9h0&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=3809384833194545700&adk=2857193498&idt=227&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9646ba51c6ddd3d78ac601bcf23b29c4a5f97c78a3c25069ad0832909e923e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8338 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3094893286664&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8338 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3094893286664&version=m202309260101&ct=77&x=1&cor=15497511220640748000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8338 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CleSFmAwwBb0t489ciS2ocyIBzL8uePk6KyzN1jo6Gf9Hx3ERmmjEkDO5HlChx5xqqy0XZ_1rA4NsUQ69VhzXhSkQ6ZozrAoc8ngc8_urO1XrcO-SYH_Ryqb7WLhphNCbKI_aeKL17YNG9bJsrVSJ6kq-BQwiC00p7lBIKMVyXxzZou-M&cry=1&dbm_d=AKAmf-C58Sc_cfkXMs-fn5j3EJjYZI5gxYR6g-j0s3entewDqs1jCBk_xtWYUVxnvW8O1xbbEGAxLi-q_zWD8LZYP8pReEH4H9QZQHJNd1jc0ea2PTRrXzCcNOoYwN4x_B5noFm9TGthA6wNbeyz_b0IXNbJAInUl_UYiHUCwDhHaUeGXpNVBtvSC1Qhom9TjLzM719UwUwlwE5zqRF3JSPDDGcmRrzJXun44Qq8gqxFLVGhCRGpi-Frpg4WTZ5z7UqoNJ_KeKC9i8HbBLxrWjcV2svh1LmUgtgVCANRywDXDASeyKnS_G4wAu8BVEawoeHgkpRrKG4jlNw5DOCJGv0S0CyBr44ExYw1JirhIlyNwvmm20VIOUM8Mg1xmdZcvhtGJ7w7rP4Csn_lePFb0HOfnFaY5pzNHqZedAEjZWL14qFZCs5crydYxG-uRo-Y_ashxo8YVkpKncJunQJtXhLK0StkxrFEs5ceZeCnpmF8w6PKyo8ly1AnAJFZZrnqY7gx2BAUX2hxtd5JaQ98RERjCE1-64YLBTWCr3KO15tXGq34_Jv4pDLREAHe5B0m2x0F16TI7gfz6xeHblyWFIjJlOcQAdneorZJRnfbtxV-Xfc1sRaZiPtj-IyK1SQ0eQphhol_GhlamHRlOTQgtS6yPdo7wHAXHIetFC-DttVRU65GL1mAeqsVWFJQS4pfkKXUsceVMtN692WyrMSX7aeIrJlRm7ui5tWG2Wmcf64Nuz1Q2b8KCewQxNx1q0o_B2BxxCrN1hva_WJDDqlLVYnVUtl6fsocHFuiIIK4qbEJqdfAxGxAbCuvOm7Mma-3KIKVEWrskGehsxKQUYiG3d84QWlcWFrpXdHCWbnwlce88YWNXWEopHmxN5X_pfIE0KNqApkfqu4UDGiXVZNG2KA9US9M9Vlp9swHbuMwwAcUpQfa5P5uZpMaHkYf4X1bbacEhtIA5BwS0QeZ0Yi3_QN4Cecv0LYpPKMOqu70YVWs4fhTlgg_i6n1Aj1M4T8DfvuqsiMZQdmk1vI2SriCQGfpiEB6x0DnQX5ndqnf35PqcyVApmn2t2WeAral2fv8USlcUshv92leUCn42idf-5S3XyP0YC1BZEZE2Bl_N9AEhasVEcIKJw6-7bmDrxIjGdavvug75bWwzqJigfpvxQQMyBhPQMrlXQdGBAShgm06tpXqvGfIXYesc4AAPO_mVISmOOkQCROtRor4ZIvAGjCkahaRuiVNZI3REejrqkgjuKHHXzZNB6BGwRxr8MBNHWplrAD6o47uH_3Zx3MxCaa5fu36bs75OZj9tgLjR3HUcSImx-ZMO9eeA0wPXTrrqiyxhsvJNCjspCxOTU4HZExJFK6VRVTTgKDqtWhFqR4ysvn3fioKstHReGG0awaUvBugVnQk5P1coXg_HiJPGUcgJuUT367TePOjDGvd1xE0gmlkMiNXEx_3NgUZ1NiezR5-24PJLZvtrW2ZBfg9JPRmav_nisb5GFLDOBSUWKIFYvBrNfeWzOHw4P4VsLEHlzMw_cIg549OwDXjLBlT1JgYANUc_5d7nYnQxlBqGndkn58Q5Tqe9uMkfaHQ1C5w9W_kNC99kPayigHjau4Eh86IPc7bD6dqaumqS6z-4EYmNbPCzUbFRLhPD85s17Z7Z27Ob1BDiC9ozWxxa0ryg1mZlwmuUkl2UjDWdn3DZwQMTS3lsaC5Js2EImQdcVXPLeqm5zxSq1mcXuI2np_qQnIDAE0fIcSzeIDEWzFeGFsGfQVehTkdLTpdQsMig23emKFGjvVkzDHFbXlOKVzpLl3DF_hq0EI_sdtcqUw3jyPiqJ2AcYa2vK_BcHX_7XDu2Wwi-uQwmvcFAmPhEjS2M3oVhlt4-aCq-tLu2BCHQnIVpnagxVY6p32sOA85vBmSdWR8BfxN3AA74c34AFcawZhYUCL3bRAArv9xNfJQvlzR6cgtzvtpb4w4bwjI_Oro4GyhjvPkuUT9k-ckuo5tl4jeLDtkC2ShOBlhO7B0HBfFv3VpKxyVOmvg0t6DUhoyrJbpA_Fymi_zaQUvsEpkV5pR38F2yPRZ2-6Vo9I6U8RfDO6Rb820Dsg1NLc28wSdkuNHHgMAjShZOQM83ckWDWymlllD1fePLq2H335gHSdTtrtPKhYPqKhNsKZjRq9X3VANHJVGxa09zEJPYcpQvMtw1h2r-6p5apiObjHL1LW3j8AMTlL67OYw2cjmDyGGjFUYMLFHBKg45x2cwWKk_-ll_Tm5dpar9opqDXta_-wFimBOnTNiliOqYB3m28UfNFXz-WnYq4-OBNbqWHLJKQjbkzmRWYo4Q4wuoMe8WHhKQ3sfSS4s2FC3Urlc3tEZhCH9gO1ctxYxejTktsN-IajMIFfYoDRw5h_Aa7s-AYEVqnTKefuBZlU6Qvv-U16Cz7UhuLc3KNeD3O83rN0CEhQizWaW6xAUOsdLIZ-qvTAYRMGnOIYtAmW4U30TJdzwincpUngjp-HdhGxSsalfjkyoiwSGqhY8QokfBBEoXTpuztCzY8r0kLOiMObgAf3TO_r1ixEKHG0pp1E9qTIEAohQewSl85KY2CEirIp6X00nwmGn9Zw-9XFWdh-aYFQDudMZQYthCBDxejaQxb28N4yL9ROOcMQ9erk94sCKskqBY7DzuQgUhAlZg6U_7da2H5rRPsCP5certx8nA2hf2N4Gp4l0gmeV7LIO2wfnCKQfsfCfziuMlvkCRTj0MxsNe61Hk_BfoSU3MWABtFiHCihJI4mHdu3QcROjjgjNKgFDk0HtjmDFXiCYKdZOVrCIvviUTwR3AwHbCYJ3QlFUpP00rPKgLAFzSQmmoBsPYeZhy0Ve2N_jSRrmoTbrjqd78NccdCPovrI5Yf5OkLXhhcYzHq94tE3fx2zVkPYsk6aVdOilVglPX_4Tjb4eoP1jm0lElt7ao-6lF7JKBl2W8ly1TSvtKLR0uLFmZQqvoiKBjfXpiYuT-jfVhPLb9wbhfySP-0nd_AqRIt1xmjpOAeU15vLhnNP6CEwtt5zCj7TdHF6Qb0yr_Rw69se5s_jzAwS41U_UWlAh3PEFhTS15O6MUnMcv0RrhDAS1_u5fQpW3Qr9bLsaEACwVLx5xUYzqv-RSTYH4f8v0u7RHENm7vzFe2V-xCtnhFfydyJgGzGC-HOQUuy3Uqrj8pGCjfHc3O5_D2U9R1PJGuRmtd7ZMvgAD6GJI8rqyguVUup2j9o-UlRggu0Q-5oGgI85-SKBDDdU9vjLWU5VaHjGzxL2QSgRD6Nu7VxE8vMxhVrH5slh2F3arSp8lLLkFvmF502ZbqpJ6up-2YYAS0dbPvag1ZWHDnMt0a8u-96p9ilWqFQMSe7wCYxboXGQ8TB2r_y_GulRXGv00m5kk9AMib5t6qqc8a86sBCNBYkK7JoxCTvLVdEiQ3znds4HKscvWP1GyC1KXQpJ8XZeCgqgyvfhl0pUobyTikiNJONiJnVsWspBurLEDDE8-WpM4jFH-HHaNb7jxB4Yz88MgjzpND9ZY-nUbscIfqxY1QwGYQHdfl4D_fd5R_Q1deZYvEe-F4vQDQdgmEWfq5zZQqgQu6r-XY6v8hoeoBDLvGEm46UqP1y7w0uQpS7LcdT-hfkiDtuzhhyKZ3ecB27DU0uR8W_cmZYvLwLEDvXfHiuGoM8fyC9WUYx0q5a9NIE8r5KGTKZqBo9WwoXfTs5UOyRKy8NGzbMwXqbfpyTR9yUBIDV1L0Xyml9yTEWJxWn7KOIk6RASCCFLy0FKmK2tUCN6Dd0lOBAgydAwbdAvro0ynZ6Ms57fsWLJyFoqciLwwjnJdabR4BNfPVC_vrPG8sB3Juqdx2CDgeGjtlKHYPGh2CRNvbrJEetCk70OMNwqTrpVdGzyv_mdTxuYc6Ox&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=15497511220640748000&adk=2086295851&idt=247&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03f796b40203a2abdb9f039f8226a6251b882996c1a4c39a0221f7cf3f39e2e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12251
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame 072B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1697743607102019&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
f7e18472939cdb4778358938e994c1717efd3f096c807e07862f0553b04affc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4282
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame CAFC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame 1AE7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1697743607102020&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
164caa457dfd1aadcbe1951cb25aa55a1d485cfce312c86b13f12db2e602d6c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4280
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
pagead2.googlesyndication.com/bg/ Frame 4C9A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
177740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14519
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6BB1 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV1y0PoXFZfb0OAdAlt2rbZx2CF_29GKrfZJgWMinSTivXVbZG1ltbesX3pYj_K304zev4G06EnZvHJk87d0S8nZnwiQsx7gOojNQtPSlkJkNII8HtD0TxlBRS0rPjqalLpk9v8Uuq551mG_6fCyGNCKr4RtBVtytcuUBPLEhugLCopQE&cry=1&dbm_d=AKAmf-DVJlnPuTapvdgZnyQ5uARlr9A6Y80bDxr2PIkeI_NRMcEr0lX3xcB4ajoEOq8rcVIa3Df_SaRNYPUVoJ-ao3sy7yj2gJ_catL4YI3Lu5dMXX52kihn3NaOl5RQ5XYrui-f5zfvC_KiTrmMtQ1_eg_D-0XKiN3UPyJ4mT_96gBx02Yqqy31bCLDpqPHABWs4Rj6w7-kyGVeRY3gMnn_5iux8VbJKhj0mmjcBZBOlaXSri9kzj2QNi1KT3jy0-dbBdrqddBJzvSOEPtxv-phQFTTbN8uohFw94lecyY72D1zrEVb7VUlnyVLDkewFZZuRVqAgThTgUNOqVO7HmzvlMtIxuWmCf_McHVQmxhoUXFKbhNjgLelMZXhaX7pmONLsplZSj_ySgIpB7dA4t4WaDUYha4q9iJ3ENWkkapWaHU1SWK7E9Ay8g-TWh8VBL4mm4sfI6r1LNnrSMPJJUJZEkAH1l8iMo44gLpw19wzz6jZ1YGHdPpjxoISsxuUVNNl-xNlHa2NI-aqCaarZCTY4todjpcDiSdpCggU-IMo6dl_Z73a4DIqZ8OD0FU77dgtlbngpy7ryaMPmV2jpNg0koG79C7ASBpmz3969P1DFQ6ADydb8EZklSowqg1i0-Pgm0ijcG4jpCaV0d9-Ug6Q1duMbmrccHLVhn7Lzh629zCo2QmE-DtFWlRAQGgGB9k6LdjU7mD2ULN2kmcriMQA1XAgn3b0rR2sSGu-nPhmP8-Nb7AcvbTHmarbWoQEvJ5VA1xBZD9yK80lnSLnnWV5UKS3qgj6AMcOdnvttJM58PSHXG_Hi5zulaxogHfnDW328f8XBTXWwcqTAkyGFpNIRtxVeq-Y13rZ2wvEBDFcceOEgnzFJ_uI9Bgliy_rwzeGJUKaaC7mSwrsY63eRxpG6CBeDNh5JHBsJ_T2T1MpdzD24jCjaaSrj1wErLtgr28SY_C20L69n7LfZgObOdmBPa02Swd8AACc9a1QDWVI1XN0f_DKbXi-lGVrcBIdKq_8DUL7o4Q5wemzkK9lhVgoIGgQsichGs_e2kXYL7yEJnEjIFknOWy3abwvb-Ih-BtyytSuv5Fwurr71jeCQFJY3DThiSY6tbaKwViLUnKS2CHNASJCUY-z6TeBJ7md-fdJBN3Rh6njvHt5LxEzBtsiASKbGMTh-iVo3ImNGf2Elk00F0THlNV-LsMddh4jeVvPIjKkiZS0LMajj_mQMG3aHeJyb7BLhX8JdiivCNUJvgiS9Oi3mMquodCf3SO8s_Zu6_KGgJeLgq0_0ArpVzICvF8ivR0T-gchP4mexEhO-zQOsotdPPrD_cS7SaaA51s89W-0VTSfj3aqSeM7crCz-v40E-Iq1wm1gZeh9IygqLuTyzjHBI-6LzAULE3_oSVmM3gvgOfN9hK6v2xxkWqWs81pIWFU3khYOxvabEkmxfOcspXbE1EQTR7A1xagGnLRv3aIiU3a4dTSMkFw77Wi2p7nphrlz6nIgCciHeiCXk02qtjrmAGACL6tDcYqXqE4zFaE0lrsuCG51Z0E-KvhWNa6WBsOlDimjtEh0XWdj9pupLcNMS9M8_ff1fUFTw1J5gn09FeG8yYywZlN9DZmT09bnB1E_o_JA9kictwH_m3kBaUHFtb3jHxojUoYC5QX39hlbx48a4s3ai5sODiiTM3pth_FF9xqC4rV10qzpBWxjOf_Wa-N3S1tWxocbuJdpmYtJ6uD5P7d53VGvHImDHAwMLDZ3B9tIwZ3ZuG8BZZ7wvq66LJw106ECgmHSxFjcUHLUdxNmRFHwvK8AhXyH5JDvPyhOjWn8TFFf7qJbxEgX1kkl5pSq-PEwOPfTfljcOqEzwVqZqwC144YxCDSFc99PwNlCGkyHambMdP9Do48CyX9DFoFUSi6_Q_wwMLIolUz0x6MlXQQ0qI3pTcD6YMXFqYEwWtk0mBFeOJ5F8ZCrYW2QhcpNSaWzjSF1UA_Ic8WZTsgaATPLDNF9IOyeX9RPwVylzmNrKtedzKuZIBRUkxStcE3ATCyQVnjhmnMebiaEQtJWK7pbYeZomv5aKXaa4zaa8aP99pk675aRdXbHTdj0OQRJvFauvbmp5-9eAPomQFW42Eurq6NeR6IVDg8cLlY01-S9dsQO_afhdDvqlxtAJHYlDaCJWpVrDSWw7LXT2EbpSwAXKB1Y2XEjT7KDXnqDHZuHjHX4J3MtFVb0n3Q1ze7bbG4_I5jjy22H-puc_N4T_e-R9q1kQP8O8OvhTJD4_coPayl6u3Ln5CN41J3bUriQv2-tr9oKIdSuOZ1WIgATMi_eA2BMCKcpGfM5Z3Yc3dcMW0n-PggCzqGjj1WRhjDWtQbpX76MMWjJ1STOLVq1Rn8KuR8_AnWjyCdxL4FbYq31iYWaZXW80bxH7thD_tj-_JSB5e_YvFA4EwJ77FxNxsNJAezSs2vK0CbfUV5vONe5GD26CBoog_g4SOP0YuiVx2-pAUi6fmlD8FbkqlhN1-qJa6ZQQty5wu2F4D4URaJEQE2_MllC3yh4heEEfZ-ccfagLXQA7TMdZv3eS58C6N1O7RirFeS6p1Hl5W3gN0z1_kzysyk-BTXzANJkGNCP6X32yiiBcC5rDuIeC9imURgA7K0-Dv_0AyUWHzNspfK0rdGTmkxDActvdW5WYaikNkzgUWMzbYRQ2Mx4rn3O8I4M8fSMer6VcLgAH9GMy87Gouc3R7IZZJzeZ-bsqWYwDeF4QjIIuoC-QBoP9wH5fohuh1Zs7w221vzAL4AE26D3Vh05j7LcVYrcXzya1XVafLLr82bN9wyS5kOQo7PdUMLE3cauWHf0K4zxnLd_LTpf2IFHRSvhMgRdy5v5ljiIa4WL67tRt2TEJt0uKT8lmNAfPbegr8QXC6Jvbm6HgZJlpJ-IfEvyoJd6lCZ3xhPZKvlgd8L78PBLXOpT_CDyeG47Cnk3Kudgy0zqI2KxAWy2XCzm5v1H5k4nqKhhstNaflDsDpnD1REgZqgcA1ZN2lWh4fwOuPqscymFjQKo1OHfEZdg6JN_OOuyroa1TBPUt0UPaapXuDhjUbFKEeLJJAlKiAq6T0giEYsb8z6Ye9rj5TN-T94xWv7PFfkXTltG0FKolx03yS4A6G3ybPZ1mUFskCO40QRNl9qKBzy3jioko_yCcsH0UEADC5nvxx6NNJfs2SdK-K9u5XjSz5e3wQDiCTox38iwh5BRMMR8CmnlrQwPKoAn40fviLMP1i6tyD7tmbu_u4ShDE--LPLt10Xsnm7SuKlXTvsXWR99iSNzB13VKfbHGsH7rugmOr1Lx8HAEXv-xbX3haD2zda9OsiEtJxicxnkbaQdosn1VYAfThcWfK2vvJDZhgd7KGncUp-A2XoQYV2reX7i_cyk9ZT2w4Vp6wBpyaEg-sJeAdODV-0mNjWUT9DWqg7y8_8JxGX0V7LjagjtlZ-OfA5D3bp097G3QUiGSFxAze4xe453sNxb8Pc2v_VLxSUI5-rgqR-VS3bUEXAurCiT7dFzIIUhPJCgRits6X6w5kvZfzXvaSxeqNlQVWddArvJYxpftATxnXBxAQgjCM40px-RTs5uyjSrowrKdaGkLzBofcdd7i8420PNsj8hx0B1lajCa0uGTKbZUi80oCQTuPYmWYVSaamiQi-LA3QkJ-3mDubC_82yYMTC0SeGxg-FL5W8hnTkmP8gbdq5B8TyyVgWfHYbddiPHIAjWTCVVF8Mbz5DxKN_uqHurCxtizHD9ZMCofw50RMCPXpecIoHyLOV2zKRVzu36qeuKJBKAfAsQJDYgV64slN2f_3o2RMccCHAXrbY_mWVwd77ZfoNB82N8xMv7UwO2G76vceIG1FlNZJDmreyAOrBBLfZp73nCY&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=1274052178991113200&adk=2228999115&idt=121&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
91445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
5zyrr3xpcfb3
hal9000.redintelligence.net/zone/ Frame 6BB1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1697743605792133&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
623fbeb26821dac65a5562f9baa97e7dfd61c60def731cf8ccbc2bf825b3d3e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4172
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
8d07b282c8e661b71feb1e048005bbde.js
s0.2mdn.net/sadbundle/17616696938690754490/ Frame C708 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17616696938690754490/8d07b282c8e661b71feb1e048005bbde.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 06:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30387
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:42:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 13 Oct 2024 06:43:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F9DF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90008.redintelligence.net/ Frame 4EBA
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e45f0e3dd3bb35a025c78fde6c6829c2facd5c4057f816057c57c5cb00947ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
80314200133353104444990012482008
Connection
close
Content-Length
1177
Expires
Thu, 19 Oct 2023 20:26:48 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 19 Oct 2023 20:26:48 +0200
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B3D3 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6C3B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzxxBVXDH0S5eJdR8DSn2v3gYCceIvX9OuJjhTijVzvmFC4ynFJz1XzBo-TDfslTvGftcy0wTVmOnHGTVYfT9M_gOIKZ99NivQdv0bIJK8R3eFV1uQ9GL2yckTh3NgN1cU-fg9CSGPU4Qvbgt1KfgEXN88HMufbgqu7JoEyCubNKTykCk&cry=1&dbm_d=AKAmf-BD2WZWZqGkmD4tb1YVEfcnkZxeIMPi6B9kboMGpDgFkIB72fSLcDWhQHxPKgEq3JAOI3bRPG-uQVLCAtlrO1CAobC_Zb9q4U_qBfN8ciz7Et5zAkNgKJ5Pld6_ijsusJ6aFuEcf95tNhFR5Q4ai-A1tmsiHQP4HXwOO3gyLkUbR4yYd1m0-lVMybIl-PytlvZB-C6YaQ9Akf8jalFTUnZF_bKo674MD9UM0-gVXo2lm6-QmdVFTQB66hvHhebjtyNKO2A_FhTGbnMDdIe7hWs3WYHcyR7mK7IUrvcLS_mlNIyEoV94VRv9Af-9FK9RboMW3oTjIJE3Ll6NbkXYcZtelB4-_uF0P7lLTSDVxfGjNY6VM3BM6waqypvCb0N8VsosMBDSkQ_iJrZuTO5WPUNLREmj_QdUK5xbG3CTxG9LNejPGmMeLx6SXsujXyfIq4rQeS_K3Rz4jr_OjX_m_rrk5OKcQ3QwjNn6LkSzeBY5j8zQX5rd1FyCN1oH8-kum8VN6MikSh05SCysylgxL43MIXc5vphghKWG4OJhQ9DTMHkuBw7gZJ0UOE2aFfFhaJYd_KpfML6n561--1GojzSde5qPwLufJ28cALEHtas2GMJ9JiHJ2dNYeLtJwlkFIG-pbl8va0RwPxqZh-mBmSLSVKCfLIHJEpzS79eICulAp6U2EAmng6TAjw9dJ7Ivt8FFDiGIbD4FEvoSz_IQWDggPl8mvVum9voSc_krzy6bu5lK1CEYhTBUkeqC7evE4iP9GXCznutLT0kcdsUHVagCziYBOCh-FMb986yVwcRFFB_Qmo_SAgPpTzJmz1Pq2mdLsdKRw_TKEfS5AKrTzkQihcK44GvnyADfPZAH5CnU7HxXPIC8fHMkI9jKqYXEBYFYj9ZGTluIu9UKMil-5WDUAbNrLX2IWperO8-VLfkZSdfN8w_sDuDmrBmIogx0lUiCEqxsIQkXYFlvNXDz-M4tXjQFr42wYPxAt-a8COaQoKj1tQ_xYyJivJOTl7G4ZED-QzIQ-sPBRcXp9ylr-EddLgCfJsERNxdnVKrGsUYnWost3qN7pcsQ5l8GE29RPD17GPhJt8Zltjg3KvWF9zkZwDWzh7ueGEpxQUzBCtoi8JoMuvAb1tg07caYinrmfILNnRroWk4NdulXvAcWSmXhEEEcJNP8FQ583_WGhtAkI_xXq-_kuzdcF-0HFWeSiprB2qYOi2s2QdRRQxvNmQ5pWLxe3Dbb6u56pr23dyhNMTNejc5932ynhjK4--sjOK3snALYTVRhmm3MtiDtaimD-ofTuRQZcT5XzMPF3BwHqvVXy3vzCnXD4xVnrvtt2fc4SUIIhXaxaEl4lao3UNV3XRNKiGw6yc08VvCIWjX9YIqJ4yc14INCUxXWpx4fkAW6qfLrbV7CYJsnE-AVd3kASw6i1vlgedant1cbT0cVh6Ntf0Eg_NIfzPPquVjKhFrZjwIb-W_ahTrXSsikDFe3IQLo0Bns3giFWQ_qVz54bVkXItmIXw9KlojN69itzYDkJsyVrtkdA0WLGyp94e8XxaTQYcMazqrRlFe6lDKRJbDNEs8doX4W61pvFFv5nZWWRO7IqJggi05PEHB8ynK4N2znDbr6v3l3SOS5c56G9SOc_mO8FfTiCt4M1Ylk1XSUNFj3ZuPoPZ6ryycBIL5P_oMnrAsIc0s4qRnb0f4qYEdxVoW317f2clohCpodWyySK32BYSnOV-VNfNikX0hUhS9j0a7tBQjI2DH8IDJ-UV8TYFKq69ZXHJgtJVh7jpKRS6YWDk2Viu_8KzKfirNntk2HvFkNCR0hn5pou0sc0UL0XmlxPQmAnLJBrzfiLJOKE673GXNQX_9GE5lp0b6inYFzLSg-f1TNjfqp0HnKgFY-DMf867FfZOq8xc9B16kEe6kNoYU-N0C2YVEZDhjrX8xG-J5n7xTGswFPxokcUoVUY1qjI-851alHtiaQYqGARHrOny_vZMbvl1lQs0izFFuJxgZVU2lTh8Y-1ljdwjhlxFSKHzk2RH9BxUCbp9L0khcsjzCqo6DUrHR0Ha-0GELU_6i0Fjff8cvmSMHBxZaCyb4QSA6t7q_RzTSjpA6YIM3dMCG5sB2kdqXrX8c6ogmM0J7SR4JUGdKATTmxcPIV0QJFbA55POUQ2UgqrCdMoKjfsYwdJo3tS1LcuttGZxs5yB3qDQVmDIKn-O5JYl3ASwr1h18uTE_cFz1MyuPGgo4EQS_keQJfEAJBpTnmRJGvHiZFlcXg4VOR8rIhIK43M36jXgIu_3d0fLFNA3PNyr2rO4-_P676QSyAi4DwSPEZXQR1_4v3ojNAr13Ye_hn5aeyrUFqh8aGQhSIphoP1EyI_WeBJnBFoaWLKR7AVPzx6CXPeGM33apK2D9yDfiHMrAREww9YyFFAogeMy2s6psMY4pEs6Su2fnWBdT3fu2qxlpILHKLcfKCU8ksuzee7d7QmrXQItx121sR1drP0uDw_6xqxYHE6tN_sscgIyxM5Z6xRdGXN8ADdlE1Ko8jK7HMJ5KYuwJ1CMNlMRqViRDQfqPtds_MVnd_ojvTzWNQIR7m8GSttNh8g96pa6jPQ9N0n0dmvYacM7bKaYs5Qrd-Rt_nKy3mGEV11a2M4HpyrfGRDVDbxta9qO7eo232wjONYtBCZyO_gx2kiZlh01177gSQe-L69yf4sg40tEu4TQK1TSFxMEaIVekVU0BjTJULCTmxLEXfs8u8Eg0V3fIQ04nDG8uSqDE3onAX8H-5sgD2K0P-rhH1EJ-nq-lNCyGWWh-p6bGArJ7Bn4I6obR1BJMt3sTmv5n4s6BoWjknjPVWQaBzS3Y3XC9VMvdFKT-FOWpZ5n5zqsuT40kG9uROfhAyxPbonbBoj4eE_17efhhx8MQCUaz5pHf7-1WG6EyUW1JobXitVH1VRwVr3Mz-nBc9QBddpGeXfZsVh2mgX-s5x02nSU9rT0WgwYj2eXYhBMXP4x0P34RkA5WekDfCVxhyjyIjbKy1LmOXwxeNPuTgd-GVWAoS2Q64wetFjj9PXOnC8qn5LeGYIvMkLa6N8ciuuCnn2gbHQdTngRU02QwpaZ_Y0AYR49huVw9IMh0Wg8UDKFlpH0ecf2Viqe9emBw28ROOGlOZC4QxOp7fhXsBW_F9nWGDg4l_CDyJDtpclK5Q_Sb10xdwwLrSUmBhITbBwuEKELblqMGOj9NKLHCcrqBGZZG6qlAQL75-fiNFQ6ecOnNWqCwmNTEf9lRf5Lvsn17_4a40Gkc8s_1A3s6hY1Uon5aJfZ1PANat3rX7JMNTdlEoilNKCkmKXh-WnspbNIVOAtK8EL5q0hSAoUPoKPkiVX6YQ6f2Nv7lRNQ2EXRUwUrZRkzYqzxQAGDC0JPlnfxGL8l0-ahgoFuInNCW1-3oeOTXJM55WICqdyAHgLt1A4bYTsSrsQKln4XROKe71fWdBx1CK4bbBGvADX-xUU53_Vx7iHBQohoh9L3TTyy1SWgemakj0Ghvr1ESokwvrJ4aaSs2oIXJ0XN-Z4LHss1PDagAPwjg22T5n_KoWNx9QJ0G2KEk0HK_Axap8odZ1ymUmB57AIn4uJ6QpOGrSAYQis05o56T1M3FSIMD0I1En05MrycZAd97gvhq3q3ALO7lsvR5sTUFMruOobAQWvo7MKsC6my_MLA8GTe_yrYpDIZNzh2_ANO0NVUgpeSOlfdVlywOpy_rCjwOHfV39tCdi1yrcKwBy0nD3JvgviNMzkggohdVyiqaRVvcszq3lq962_xAnhtwaV8xQJoul-uu62L8vb3-jroke2Fy7YTNn4hj-k__YNetXbw2PrnlxL3yIIv3FzW91ZrKYyM8ptaUULYRhgKTCW_h9h0&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=3809384833194545700&adk=2857193498&idt=227&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9132 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxukpFHS4_b9fVBe_xwqkSae7bUjUCDq2raEQPX9LQBSBSNaZn5Vn9SDuqH8s3i4_mvUYdKTXfNwPb_psvX327m8xR9WvWGQllz8msjKkKxxoD983XtIx_zWyE4Pi4Q16wABucgGZX-BZBpQ5iEFWDs0V7pNS0mph2cuDbP7icdesDAD0&cry=1&dbm_d=AKAmf-Az200MxY0tStGQ-3wqlzza9vwjhtjnkYR8O5s4r7M5ZLbxJYcp_cVZOT3JTOZndu0LzJs_tK_FB04Y6gKAJEFPVz0_0sckuIdLFAFkaO0GUIAbkIP3l76I1APqAHO6ld3URoE-tRUofbXkddLY3Ihgp61LarrbxTKCX6h1bK5px8AV3hytdJjMDP2nmnuZ9KnPK_dyK8BnWv4uV-aRx5ewJc8ICAlwJV1fAQ_jfgFfBA6Z7dj4f_tYbRZjVrRgGnosTFPEKpUpCLX8R9hr64t5uatorwNe1HEcZd7rB2YaOS8IGEvDSBf0JiQZm4S4z_zbJXNiOwIQ0myitizOzKkrFsmVkkQagDQbPB1YLNE4tFtwITwGIPoKFoeLd8TpmPKv7awhS39ZzwarihLABW5M09Bglu2ca1A5PQORnbbVyaumOycvIC4IEbiuHMnI4KxzeYnt9HPie6RRaPDZYYIEDeuw1-Jfv88FsQXFPptFBbKcqWLwgNOcfsgRsvawvA6DVy6BtRmXQD119QOei7xJjS1Fc5pNWYFGBimJB6dB4NLw7C5JmXkSlBWHP26eMX-9HL_bxI7C3osa8G20bMjaaoVnKS6JkvHavOxC4dk4kp-f9VlqgXQTmdFtDwCOJcuo5z34_4xT6UYTcrj4zw0h8Vqp-LTOVGFb5LugE-DiMiEhoXvzBkpFfimUSy16g_cAawfM5PQpPHX7Nuvx7-bKVAO5BM1FuOrQbYOVuJv_dH58NrnCz9OmgvocKWgIjYwIILD_YJw9w1zAqtyJpMhD-WlyJLbxvqmvSrHUyB7oT_CSPt07BLya6FLl-_mV9BNrRN57n-JkZFNb5c2zm-2ejS0fSwz09M9v52wY99TkBQiphkX1CC3qmsEc1IPqEAd8yYqx3J0rQUqoZu_jCb1P4iahn5NoQ3PcouhQGaDToh1qUAwlkEWWR-mJ6rD8IiE8sc6EY9eko4Wc5nCpdb2MPOEr6NRb8kQE95AAfCESPBTIRUYdUcumTojJC3AUkIVHsRhLUUDV361XZpTGIHG9iV2URtKPcQ-y2Glq0a8jBm9HHet2Kv44DIp6-AsFy9jxCLR7CzKznV6LJ1O3lxXEfDTnGEOHCxRWn5li43J8I1pybhHlj-OOuL_kbSu2YRB16HwUOynE0Uu9tIjfFQiA_2tcCZiBmO7KkIEeDyOV-aA5J4qZESbyTzPWQZRdyp1v0zC6CZoNzmR-SXaOG0moltc_XutzWcBXAhxmH4EKhF-1Igb2x-yJjSYt7Ct6N_18UEQaIYqVf0D2qT_KpPQ_5zU-IGOcqMtVNe8y0x577R-6J2gczIPY5NlH6OyvpP8wa8kFfk2-IcL-FdEDVyFwmMXa2B4SZRln4S1hpsY_eIMtaRDJs17UUEM-tiqfdqt-IFTpCIyFjP4CtmQc9c96QE71URV_3NlUBLQa58nkcrji1-yDvLtWekFRiBI5gQdVPyKIYntjX9Z6viphTjnXgOH0YpUWwHZ1T9pQw3ZjR86ekb60yNKRwVgb1rj19_a1v-YXWGWDpTInzodVjjJ74H-EguGA52jCF5lPcFGezUMfcf01g3fyBm_9QMlpfRQur5WXA72MvNj2Vdycyvdi25BEVjAPTQbHG_5JUC36E9iNopQdmroSs79i4vWg9h6M9vRZ5-XnUNTp_6KNwdDQdqJwc9zP2E1Zeho84maskntjLpwbIrAsQs58ZRHga2G0UgH0w2KevP_0T7XI_8wDe-E5ZuB0rHVtGb_7_KIku42Td1Yf6YzFy9itjYcGrOEweI28loXkdPHub76KHc7i-6M6CTSzf1CvF0eANFxW41NuZgUYV7VZCG2AzamrAHZMLiLxHlPuCDppwOpBTpBFIoOKogyHsH46gJN7dEUYB99LbPTiFDYv0OT42slQ9HhiYbJdbU10pozIJvM7mBUrFRGyMrbgSZDsYW9cyzllgvVKIEECy6Pquy7wZ42gcovQHoYAksGB9dWGsLCjqvgdvmZIgR79jSLtPdrlVLcMV0yI8IFn0J-49FTGuWs_n2IKnqn1jtRlv7PVdlS7IXL0HHXdpi33nhaMtt6voOHzVMYzBOhRHWXO9WQ3MEGYbPTAK2npeVq-ABryoPqxxPlG__d534e_qji28fCSnWW2duxyr1s3JnvTSgAMlxuYrcaLZrUlNcxsF6Ww2T5X9hv2ZyYZBYlYjKp5Gr9rmJxpkkb3fOJ5vYwCiOpcRBeY1cW9fjduRshLKYSKqUc3Hebwqy3qXKC6cPzzcrzPYdMH0ne8mBamsv_gLrDxq48GkJUYX3yzFdFammfSdROZ1uBYMsPW24EMhSpXljjspna27u0oQxmPb1E7lKaCBKLv-b6dEuUHFR-sFcgXKfKYXSjeXbDlrXR7_kvl7oxvDYM4wi0F5sT-H-db1FemA7UWld7KxBoEWyFbV9UQ-7nrMd7b0jtxFdzPn8e3ZXUWFFpqGTdbw_BGfAZFRWSuAIzlG-isBexm_CNuLE1vEbZ1qRRoDqVc3Mc3LBWmsDkznK4VW3HJFlicV4FLDOjlX3rQGhX7nTNt9Ws7tyTISsNKClc6bPPgIgMoLkHoCM8JpmMO-HwcEKgPalj2QI5Osd5h-r88xfU3W1O3N3CVVWk4z0ffDXrsZjJXwuck8oXzzwzp9GjBomf5tLZ_Ufl_5x4siebl9uthedAO1VlApiNifp8mh33l2tKLsG5N-rjDEIYxlC0Oapqy43Noo-WUCcyBFuWuk0Af8p2pQRr5yz5-V3WXTvdXskD9ztKc1EB2RlH9AtWH6IEBsCcv0Ij_P8bJmz0EMA6EQ2F5rbsG0u0N8JT2hf6nL2JARNp1Rlbh62cqS8kxbVK3Jc-OfTj5qvzdA_gJ-zJO_ST-1Et-sHOL1vYsgXtKhYWfsrkgfKScTaqcut-kmMuWBn-wKT1ZHzIlOMyVQm4ZRUohHMzr6nQ3_0V9jnD-eUs8LXEyL4i9LvK33CjQ-jN0D50s4LZ6ZZwPr5RaLj6uyxdLl0ynFRtlPS16QHglw_aRDNKCMayNajprEH_qG8lFRqDVVweN3_QFOVe7-q4590bMaDehkENdWrXSlAaPnginrcOY5ttwEYTesisRDq3eiCw7gdx0QOC_w35ridE-oCznPaymmAHP_r7UU1N1gasK5y5RXjsRj1yAx2pI7jJIysuMMRKbwtukVZ76dxySVqiWkasEgeuG2ssh9sU8NLRicmZUYcyIG8Xa363EMExWW6ffQ_2bCqSPRxzwlXP5D6xEmivl7VYyARl2_oawk18wRCVWByvFiOm5ymLM3A4h2p06kke8lAP42QZh6U5_sSf-q0zzJ3gCMh0a_f4YGoh4IlTvDv0AAC3QSEUhRrJibeCLMkEE8QLWP3d1ol33IV7DrkFoBBjaQya-WKVu0oxU5elO3UKWItT4xR4gGD4-QKmvs065TJa-Kkm_lb5h7LDdNCcKUv_dWBohpm2r1yJOuzQl33nlQ9cDMlQ6FdJNXG6mZRty5-Dec5OhHWgt0ozDUhfkAWfaas7C297XBWOB0F-aqKeDFVMlUeuSij6T-CWALSABPuj5dgAfWZzYPEntkhWZqEEaitYoAowHVMBZzhU8i1_R8Cbd2cGkCVAaGq_4Ot0IIU4E_VhURd-s6WQoniNKoRlDPuJ4avoWXsgFWhTk5ZSh4_j3Ulxr6yNT2n1QoPuTaYLXMtWc6T7DNFLSCXjniFKBntLh1Sb3SPLuRgBCILFBVv2aEk97e20VUjM-n1APfVs4XLdvAVg8wsLgJmJI7lQrujgO4c3uu3EM2zxH7k5j6rBAO_yYYuC1zs0vFXLAqNnrB25aLVkUnVO9pNVLxD6OLOwODyknGP7uYg1nGM-2ujvMr2s6x8Y&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=9234408372139534000&adk=3047537735&idt=232&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
91445
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 18:02:43 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8338 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CleSFmAwwBb0t489ciS2ocyIBzL8uePk6KyzN1jo6Gf9Hx3ERmmjEkDO5HlChx5xqqy0XZ_1rA4NsUQ69VhzXhSkQ6ZozrAoc8ngc8_urO1XrcO-SYH_Ryqb7WLhphNCbKI_aeKL17YNG9bJsrVSJ6kq-BQwiC00p7lBIKMVyXxzZou-M&cry=1&dbm_d=AKAmf-C58Sc_cfkXMs-fn5j3EJjYZI5gxYR6g-j0s3entewDqs1jCBk_xtWYUVxnvW8O1xbbEGAxLi-q_zWD8LZYP8pReEH4H9QZQHJNd1jc0ea2PTRrXzCcNOoYwN4x_B5noFm9TGthA6wNbeyz_b0IXNbJAInUl_UYiHUCwDhHaUeGXpNVBtvSC1Qhom9TjLzM719UwUwlwE5zqRF3JSPDDGcmRrzJXun44Qq8gqxFLVGhCRGpi-Frpg4WTZ5z7UqoNJ_KeKC9i8HbBLxrWjcV2svh1LmUgtgVCANRywDXDASeyKnS_G4wAu8BVEawoeHgkpRrKG4jlNw5DOCJGv0S0CyBr44ExYw1JirhIlyNwvmm20VIOUM8Mg1xmdZcvhtGJ7w7rP4Csn_lePFb0HOfnFaY5pzNHqZedAEjZWL14qFZCs5crydYxG-uRo-Y_ashxo8YVkpKncJunQJtXhLK0StkxrFEs5ceZeCnpmF8w6PKyo8ly1AnAJFZZrnqY7gx2BAUX2hxtd5JaQ98RERjCE1-64YLBTWCr3KO15tXGq34_Jv4pDLREAHe5B0m2x0F16TI7gfz6xeHblyWFIjJlOcQAdneorZJRnfbtxV-Xfc1sRaZiPtj-IyK1SQ0eQphhol_GhlamHRlOTQgtS6yPdo7wHAXHIetFC-DttVRU65GL1mAeqsVWFJQS4pfkKXUsceVMtN692WyrMSX7aeIrJlRm7ui5tWG2Wmcf64Nuz1Q2b8KCewQxNx1q0o_B2BxxCrN1hva_WJDDqlLVYnVUtl6fsocHFuiIIK4qbEJqdfAxGxAbCuvOm7Mma-3KIKVEWrskGehsxKQUYiG3d84QWlcWFrpXdHCWbnwlce88YWNXWEopHmxN5X_pfIE0KNqApkfqu4UDGiXVZNG2KA9US9M9Vlp9swHbuMwwAcUpQfa5P5uZpMaHkYf4X1bbacEhtIA5BwS0QeZ0Yi3_QN4Cecv0LYpPKMOqu70YVWs4fhTlgg_i6n1Aj1M4T8DfvuqsiMZQdmk1vI2SriCQGfpiEB6x0DnQX5ndqnf35PqcyVApmn2t2WeAral2fv8USlcUshv92leUCn42idf-5S3XyP0YC1BZEZE2Bl_N9AEhasVEcIKJw6-7bmDrxIjGdavvug75bWwzqJigfpvxQQMyBhPQMrlXQdGBAShgm06tpXqvGfIXYesc4AAPO_mVISmOOkQCROtRor4ZIvAGjCkahaRuiVNZI3REejrqkgjuKHHXzZNB6BGwRxr8MBNHWplrAD6o47uH_3Zx3MxCaa5fu36bs75OZj9tgLjR3HUcSImx-ZMO9eeA0wPXTrrqiyxhsvJNCjspCxOTU4HZExJFK6VRVTTgKDqtWhFqR4ysvn3fioKstHReGG0awaUvBugVnQk5P1coXg_HiJPGUcgJuUT367TePOjDGvd1xE0gmlkMiNXEx_3NgUZ1NiezR5-24PJLZvtrW2ZBfg9JPRmav_nisb5GFLDOBSUWKIFYvBrNfeWzOHw4P4VsLEHlzMw_cIg549OwDXjLBlT1JgYANUc_5d7nYnQxlBqGndkn58Q5Tqe9uMkfaHQ1C5w9W_kNC99kPayigHjau4Eh86IPc7bD6dqaumqS6z-4EYmNbPCzUbFRLhPD85s17Z7Z27Ob1BDiC9ozWxxa0ryg1mZlwmuUkl2UjDWdn3DZwQMTS3lsaC5Js2EImQdcVXPLeqm5zxSq1mcXuI2np_qQnIDAE0fIcSzeIDEWzFeGFsGfQVehTkdLTpdQsMig23emKFGjvVkzDHFbXlOKVzpLl3DF_hq0EI_sdtcqUw3jyPiqJ2AcYa2vK_BcHX_7XDu2Wwi-uQwmvcFAmPhEjS2M3oVhlt4-aCq-tLu2BCHQnIVpnagxVY6p32sOA85vBmSdWR8BfxN3AA74c34AFcawZhYUCL3bRAArv9xNfJQvlzR6cgtzvtpb4w4bwjI_Oro4GyhjvPkuUT9k-ckuo5tl4jeLDtkC2ShOBlhO7B0HBfFv3VpKxyVOmvg0t6DUhoyrJbpA_Fymi_zaQUvsEpkV5pR38F2yPRZ2-6Vo9I6U8RfDO6Rb820Dsg1NLc28wSdkuNHHgMAjShZOQM83ckWDWymlllD1fePLq2H335gHSdTtrtPKhYPqKhNsKZjRq9X3VANHJVGxa09zEJPYcpQvMtw1h2r-6p5apiObjHL1LW3j8AMTlL67OYw2cjmDyGGjFUYMLFHBKg45x2cwWKk_-ll_Tm5dpar9opqDXta_-wFimBOnTNiliOqYB3m28UfNFXz-WnYq4-OBNbqWHLJKQjbkzmRWYo4Q4wuoMe8WHhKQ3sfSS4s2FC3Urlc3tEZhCH9gO1ctxYxejTktsN-IajMIFfYoDRw5h_Aa7s-AYEVqnTKefuBZlU6Qvv-U16Cz7UhuLc3KNeD3O83rN0CEhQizWaW6xAUOsdLIZ-qvTAYRMGnOIYtAmW4U30TJdzwincpUngjp-HdhGxSsalfjkyoiwSGqhY8QokfBBEoXTpuztCzY8r0kLOiMObgAf3TO_r1ixEKHG0pp1E9qTIEAohQewSl85KY2CEirIp6X00nwmGn9Zw-9XFWdh-aYFQDudMZQYthCBDxejaQxb28N4yL9ROOcMQ9erk94sCKskqBY7DzuQgUhAlZg6U_7da2H5rRPsCP5certx8nA2hf2N4Gp4l0gmeV7LIO2wfnCKQfsfCfziuMlvkCRTj0MxsNe61Hk_BfoSU3MWABtFiHCihJI4mHdu3QcROjjgjNKgFDk0HtjmDFXiCYKdZOVrCIvviUTwR3AwHbCYJ3QlFUpP00rPKgLAFzSQmmoBsPYeZhy0Ve2N_jSRrmoTbrjqd78NccdCPovrI5Yf5OkLXhhcYzHq94tE3fx2zVkPYsk6aVdOilVglPX_4Tjb4eoP1jm0lElt7ao-6lF7JKBl2W8ly1TSvtKLR0uLFmZQqvoiKBjfXpiYuT-jfVhPLb9wbhfySP-0nd_AqRIt1xmjpOAeU15vLhnNP6CEwtt5zCj7TdHF6Qb0yr_Rw69se5s_jzAwS41U_UWlAh3PEFhTS15O6MUnMcv0RrhDAS1_u5fQpW3Qr9bLsaEACwVLx5xUYzqv-RSTYH4f8v0u7RHENm7vzFe2V-xCtnhFfydyJgGzGC-HOQUuy3Uqrj8pGCjfHc3O5_D2U9R1PJGuRmtd7ZMvgAD6GJI8rqyguVUup2j9o-UlRggu0Q-5oGgI85-SKBDDdU9vjLWU5VaHjGzxL2QSgRD6Nu7VxE8vMxhVrH5slh2F3arSp8lLLkFvmF502ZbqpJ6up-2YYAS0dbPvag1ZWHDnMt0a8u-96p9ilWqFQMSe7wCYxboXGQ8TB2r_y_GulRXGv00m5kk9AMib5t6qqc8a86sBCNBYkK7JoxCTvLVdEiQ3znds4HKscvWP1GyC1KXQpJ8XZeCgqgyvfhl0pUobyTikiNJONiJnVsWspBurLEDDE8-WpM4jFH-HHaNb7jxB4Yz88MgjzpND9ZY-nUbscIfqxY1QwGYQHdfl4D_fd5R_Q1deZYvEe-F4vQDQdgmEWfq5zZQqgQu6r-XY6v8hoeoBDLvGEm46UqP1y7w0uQpS7LcdT-hfkiDtuzhhyKZ3ecB27DU0uR8W_cmZYvLwLEDvXfHiuGoM8fyC9WUYx0q5a9NIE8r5KGTKZqBo9WwoXfTs5UOyRKy8NGzbMwXqbfpyTR9yUBIDV1L0Xyml9yTEWJxWn7KOIk6RASCCFLy0FKmK2tUCN6Dd0lOBAgydAwbdAvro0ynZ6Ms57fsWLJyFoqciLwwjnJdabR4BNfPVC_vrPG8sB3Juqdx2CDgeGjtlKHYPGh2CRNvbrJEetCk70OMNwqTrpVdGzyv_mdTxuYc6Ox&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=15497511220640748000&adk=2086295851&idt=247&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
jf2y0amzcvu0
hal9000.redintelligence.net/zone/ Frame 6C3B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1697743605792135&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
184303b0ce47113ae5387b859f43e9a7b2bfb1ba7c9305959dcc3c35c594334b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4163
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E79 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 14:08:21 GMT
expires
Fri, 18 Oct 2024 14:08:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vjdy8w6hewcq
hal9000.redintelligence.net/zone/ Frame 9132 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1697743605792134&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM2M9YIxZcasMJKHtweU5qg4puW9oGmVk5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9At2xTIWX2eq5K7Lo6GXbugQh_vSLRhK_NVE3Vsud9MfstronYiobUwd5WmGVZaa-9sv__gnG7lPHzDX2gXgHR2wa0l8-Pm40PdOkm9fMYxN8zdpy2RAkvRudA17-KHW25dNY7sYRxTe-tpIWIBGl5wlVycgRWqGy8OGzNKeE6_1xGCigSm2AKmwz1wAA5j5vQU3Yj4Y84beA66bjwzg-38VvgkVwDt37LJ27zjMhcR91frpkRHDq4c_mwgAFjYw0imZ7uoFQ1f3D2vKXEu7BZeBXXXep9G5oP03Ul8njXbzxSXn4Sx7Og9OVjkq37Aj2FHwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsKWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_1gB5-WomCZqS3DL-d0XbE7vK5JOQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvYFYGa4Y1sdQQpuoB2B1SwAkUYeb8ZzWmBDdLq31CKk4H5_UmPQMo6wa83NE31bEM_j37Aa9H7fnKjE5D4v_BPSGMdZeU3jB7ISxjAR9ImwCkFCI_kmLuTRJHU-WVp19-ITktK3P5ry0528IFzNVaM5rU2BPIMZFiFzgqA6vRMZD2tMM%26cry%3D1%26dbm_d%3DAKAmf-AP726XkEGuBygyu_bZrScSDz6UYfJFnYMVLVP58qADWmaJye-C9dmKDzN1U5mXhu5n2a8Lqd1RwTTLVH6Wj9Pg7f_oJrnCqE87VmkzWQ3kQL6mhVuPzexD6Cd6B1cDYhIhJlP-udY0n5gxWraNeG25ZMF_1O20HPBmiQLz_OgwKBGVsCzeJUph7AL3rLfN2J9KWmm1rQEeXzOu2gRGr26eF4nuOf8IOxpQNIMXXnQPvkdArSlKq8o_Tj1iVVHFEOHVFmoNi5Lw_bNX0rNvAwnG9p5SZjfmq5LkGVhAMHq57KUD9SMP_YWRwTRz4XbUozlX5rF4Vz7f_P_mtA44Vk-YZpwEqbHv7e_GNV1Zk0Iiu5LAXIcD5tbSWAuJPE6TJgTwfOBI0kL9NcFZP3IxJUFZYV-hvZMuIOlTAT7q9CviRPFv6REOGH7Nwk65B6qaYX7_T0m3uuR9Bd3XwQu8awRty521gUFA2SKJ_f-b8Ud658mcUL6sMGob6eLymR4THry1arvCDmcIwrL5XT87yzBxSX5JfPjBifWDcuo4ii1H67wNsFM%26adurl%3D
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
94dde8954b8bdd01477a469f9937f279cc483a955f1cc050fd686b3f690bb08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4170
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame 8338 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1697743605792136&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCo_p89YIxZcisMJKHtweU5qg4puW9oGmtlZynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPYBT9DPmRmHyjwO9SB12Dqbs_P1ZduW3pVoSOKG01T_e6AOb5V05ie7GLt-RGUKzSKPhfWvpyhvbAOeMPlLtJuQRxP9Wxq6tqTl5VOIhZ7dDfUHiuv08Pe4Ovsu6InCa9GbnHrHwk2fDvZe-sKZIh9TxtT-zkjTwCxA09rLVPPTvvZr2LqsbUptISdCgn5aC35YZHPeKH8fA7B5O5nIN-MLn6I2EBa8HnEWYYHRjeENaxb-9xr4g0fnV2c7KuyWjliLeO7EkfrLldgLo_0k2otyqwR-vieBZXMf9Wh9S7kPntLLrREd9GuqtJtDcgcC4-kr1P4p48akwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsqWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_1qvsarJaWR0fJKsOlI-BhFEV-Kqw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-D9-De9BnAsGZ_n6y9ami1yh7wd_hQ5S79s8ELU7YbRkth0OAsQaZxz4wIf6EsVFyAxXX3Wsf32fSptCJ-KijWB9GiMld6uucVDjtGLIpPseIqK1hulDg-uEzR9rlqAzJwwqu8ckquw-YFir-KS-FbOC1Qv7Z6cI7LnItweugg84Ua82HI%26cry%3D1%26dbm_d%3DAKAmf-B5CMbjYZK5S4sFB-DbP19Yl3hJ60mtqcTKw9Y4_eA3FQV22Cllls4II7riff-Eq3OxkwAZ1FyQArtaBsn_cFsEyqQqLkCYtiCydb9f5t2Qz3MPJgK7kXAObR9Vigg2NL8-VS_vpf3a8RJioO-M2NTotty3kBmxnLmZxod82hfIVgwanf-SGb41aIJVPi02Nt-nKKZsfm6qp_XGOmN6jqbI153uW_kVdtNDOEVcHmLbnwynczvg91C6dJ3AL8lLSNeFNzWrLmbGD2f6i-LzIK6DuJdLPMcJG9-CfCV53_22aDLf6OhrqyuTSWKlvZ05DvgmSz7E34U5KxVRuSdJ9Svwq7t-C-ii4F27rm90u6vpzerUv0YD-SKrQYzrDA8oa0lBX1AzXXdwJpnm0LhyFbf2JPCQ9TaXLUcmUX8YYhVolbFUQBs4B7iMeU7xXiCJZ8Gh6AAR25SnMCfJFO45U8Q3b9pBulrUgcejaSnxcDWN-LyT-DS7i2Gaas3qtsYrqdOy7pk3KbLAGOOe21apaEpzlsWmOQ25yRMPRT8k6GOcOEzdD_E%26adurl%3D
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
0855169915236a960fb4bc92f2cdabf289dc0d4e8a8c28023f5c52bc58dfeda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4170
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal90001.redintelligence.net/ Frame 072B
Redirect Chain
  • https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
351a8994bad6fe8d6d587a765f38766de10da30f570d6965ec5311e99698465d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
50100700129201004444556012482001
Connection
close
Content-Length
1067
Expires
Thu, 19 Oct 2023 20:26:48 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 19 Oct 2023 20:26:48 +0200
request.php
hal900023.redintelligence.net/ Frame 1AE7
Redirect Chain
  • https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
531e70977ab4e20fdc9d3ab47fe345879d0f481d618ec16dd19874ee6c5ae800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
10432800151966504444556012482023
Connection
close
Content-Length
1071
Expires
Thu, 19 Oct 2023 20:26:48 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 19 Oct 2023 20:26:48 +0200
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame CAFC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
request.php
hal900015.redintelligence.net/ Frame 6BB1
Redirect Chain
  • https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c9084ca48010030c47ec37e7b2b91f2a4e6974ee5298db9368099b2a2a0aefda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
46628900145680404445002012482015
Connection
close
Content-Length
1152
Expires
Thu, 19 Oct 2023 20:26:48 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 19 Oct 2023 20:26:48 +0200
css
fonts.googleapis.com/ Frame C708 		2 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17616696938690754490/8d07b282c8e661b71feb1e048005bbde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:38:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:48 GMT
6cd51d7a48dcbc331dee4e6468fd3541.png
s0.2mdn.net/sadbundle/17616696938690754490/media/ Frame C708 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17616696938690754490/media/6cd51d7a48dcbc331dee4e6468fd3541.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6eceb5746c8f1db6c931105e7f1ef2062a7d7adf5355a0359226adda81c6ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:26:56 GMT
x-content-type-options
nosniff
age
597592
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57312
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:42:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 21:26:56 GMT
fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/17616696938690754490/media/ Frame C708 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17616696938690754490/media/fb2405b160d35da2c54812c244ca11bc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53068
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2357
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:42:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:42:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 628E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nOiwgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame EDCE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?L5IG3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C708 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:26:14 GMT
x-content-type-options
nosniff
age
180034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 17:26:14 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame F9DF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4F0E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2EFA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 14:08:21 GMT
expires
Fri, 18 Oct 2024 14:08:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90004.redintelligence.net/ Frame 6C3B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=51676abb1a&subid=&uid=dcc83b560cac3151&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=7067946131244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1697743605792135&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
699b22bae98c1aa425ca06ee71fc333ee4ac2e74f719feca753b36e4c3fd114e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
46885000141710304444978012482004
Connection
close
Content-Length
1085
Expires
Thu, 19 Oct 2023 20:26:48 +0200
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 619D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900011.redintelligence.net/ Frame 9132 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=bf34d67643&subid=&uid=9548141bc63672a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM2M9YIxZcasMJKHtweU5qg4puW9oGmVk5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9At2xTIWX2eq5K7Lo6GXbugQh_vSLRhK_NVE3Vsud9MfstronYiobUwd5WmGVZaa-9sv__gnG7lPHzDX2gXgHR2wa0l8-Pm40PdOkm9fMYxN8zdpy2RAkvRudA17-KHW25dNY7sYRxTe-tpIWIBGl5wlVycgRWqGy8OGzNKeE6_1xGCigSm2AKmwz1wAA5j5vQU3Yj4Y84beA66bjwzg-38VvgkVwDt37LJ27zjMhcR91frpkRHDq4c_mwgAFjYw0imZ7uoFQ1f3D2vKXEu7BZeBXXXep9G5oP03Ul8njXbzxSXn4Sx7Og9OVjkq37Aj2FHwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsKWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_1gB5-WomCZqS3DL-d0XbE7vK5JOQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvYFYGa4Y1sdQQpuoB2B1SwAkUYeb8ZzWmBDdLq31CKk4H5_UmPQMo6wa83NE31bEM_j37Aa9H7fnKjE5D4v_BPSGMdZeU3jB7ISxjAR9ImwCkFCI_kmLuTRJHU-WVp19-ITktK3P5ry0528IFzNVaM5rU2BPIMZFiFzgqA6vRMZD2tMM%26cry%3D1%26dbm_d%3DAKAmf-AP726XkEGuBygyu_bZrScSDz6UYfJFnYMVLVP58qADWmaJye-C9dmKDzN1U5mXhu5n2a8Lqd1RwTTLVH6Wj9Pg7f_oJrnCqE87VmkzWQ3kQL6mhVuPzexD6Cd6B1cDYhIhJlP-udY0n5gxWraNeG25ZMF_1O20HPBmiQLz_OgwKBGVsCzeJUph7AL3rLfN2J9KWmm1rQEeXzOu2gRGr26eF4nuOf8IOxpQNIMXXnQPvkdArSlKq8o_Tj1iVVHFEOHVFmoNi5Lw_bNX0rNvAwnG9p5SZjfmq5LkGVhAMHq57KUD9SMP_YWRwTRz4XbUozlX5rF4Vz7f_P_mtA44Vk-YZpwEqbHv7e_GNV1Zk0Iiu5LAXIcD5tbSWAuJPE6TJgTwfOBI0kL9NcFZP3IxJUFZYV-hvZMuIOlTAT7q9CviRPFv6REOGH7Nwk65B6qaYX7_T0m3uuR9Bd3XwQu8awRty521gUFA2SKJ_f-b8Ud658mcUL6sMGob6eLymR4THry1arvCDmcIwrL5XT87yzBxSX5JfPjBifWDcuo4ii1H67wNsFM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=8578660477102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1697743605792134&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM2M9YIxZcasMJKHtweU5qg4puW9oGmVk5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9At2xTIWX2eq5K7Lo6GXbugQh_vSLRhK_NVE3Vsud9MfstronYiobUwd5WmGVZaa-9sv__gnG7lPHzDX2gXgHR2wa0l8-Pm40PdOkm9fMYxN8zdpy2RAkvRudA17-KHW25dNY7sYRxTe-tpIWIBGl5wlVycgRWqGy8OGzNKeE6_1xGCigSm2AKmwz1wAA5j5vQU3Yj4Y84beA66bjwzg-38VvgkVwDt37LJ27zjMhcR91frpkRHDq4c_mwgAFjYw0imZ7uoFQ1f3D2vKXEu7BZeBXXXep9G5oP03Ul8njXbzxSXn4Sx7Og9OVjkq37Aj2FHwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsKWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_1gB5-WomCZqS3DL-d0XbE7vK5JOQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvYFYGa4Y1sdQQpuoB2B1SwAkUYeb8ZzWmBDdLq31CKk4H5_UmPQMo6wa83NE31bEM_j37Aa9H7fnKjE5D4v_BPSGMdZeU3jB7ISxjAR9ImwCkFCI_kmLuTRJHU-WVp19-ITktK3P5ry0528IFzNVaM5rU2BPIMZFiFzgqA6vRMZD2tMM%26cry%3D1%26dbm_d%3DAKAmf-AP726XkEGuBygyu_bZrScSDz6UYfJFnYMVLVP58qADWmaJye-C9dmKDzN1U5mXhu5n2a8Lqd1RwTTLVH6Wj9Pg7f_oJrnCqE87VmkzWQ3kQL6mhVuPzexD6Cd6B1cDYhIhJlP-udY0n5gxWraNeG25ZMF_1O20HPBmiQLz_OgwKBGVsCzeJUph7AL3rLfN2J9KWmm1rQEeXzOu2gRGr26eF4nuOf8IOxpQNIMXXnQPvkdArSlKq8o_Tj1iVVHFEOHVFmoNi5Lw_bNX0rNvAwnG9p5SZjfmq5LkGVhAMHq57KUD9SMP_YWRwTRz4XbUozlX5rF4Vz7f_P_mtA44Vk-YZpwEqbHv7e_GNV1Zk0Iiu5LAXIcD5tbSWAuJPE6TJgTwfOBI0kL9NcFZP3IxJUFZYV-hvZMuIOlTAT7q9CviRPFv6REOGH7Nwk65B6qaYX7_T0m3uuR9Bd3XwQu8awRty521gUFA2SKJ_f-b8Ud658mcUL6sMGob6eLymR4THry1arvCDmcIwrL5XT87yzBxSX5JfPjBifWDcuo4ii1H67wNsFM%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f52166a1db3e3730d58fbb9764242f837f1143d3e709fdd4f29928e6e75de3d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
66928400169557904444990012482011
Connection
close
Content-Length
895
Expires
Thu, 19 Oct 2023 20:26:48 +0200
request.php
hal900017.redintelligence.net/ Frame 8338 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 98B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0at-FuAbViH75SXCt6KhDFxpo3xX1gZNBbX2a4QKJ-TJJev1sD1ubvvOVAiT8UZ-8IGs_r7B5Ga0IQg6y_m_CYS1Du4Va0blBHWRH4RtsX2KOnDeVnONFYByoc5yw9JF1SzJr05DSn-3X0iKBQAnq_3Ab3f0e4R3WqYzdOBYFp53hr3wods0WJqqVxGnCH0JvMe4i-8QOF_5H_M2kbGXfSg0RCTE3G6bGMGxJcXg_gSzRV_s0hmrYq8mFjvYnZqQeWDWgP8zpF0nGrmuxtWTjrnxFrKcbK2uu41wkR8J-PKYQPtLYXjADNT_x4_CeB2LpShyKmu8-2fRG2KI-EKwQrpbGDrhDyeOl7-AA9sSa0BKMnq5U2EOv0f6URD_gkPs8Yxu1-vSPTLWW8Skz47qv9cjwwy2MLg6JGxRAqQ5M3TDJFMC48gzhwOruyxaxuQE-vJtBtRu04Um-UuqrXowTnT2xtuivx11OC_QcrwEGaRrV4sRVgIlD0GDihxZQKS1KB9yknCwad1SMr_7AlGH137bpT0ESHZas8-HZhWu0XVLp96g72I5GcSNWy3pI81unlrzHLudPiyD9ZdkXa0zXEzNyEjpqokiBuwN7Zhbmd2K8G33hujvMztMiQPBhV-vEZ90RvnnlVEWzIuqx2ijvuFKJ-pustOPO-96VNjLeJSv_OPAhLqbrixZstJoJRAWeH-zbSAQd0zwI5Fp8iyjKZq5EpxAponUQkPntr9kdNYPEyQbruUhIE7LkC-Gj46w0nLJCfaGquiyHbltvbTiMnVl0jW_WgrMohvj42z0_69qE9Bep7Kt5-PD-dGCkHR11_qESOt8S4do-NHB0D11rMxkK7boqQgZKtLZAAKMJdgFmjd6xUEd5G3IWs1UHqRJuSeti4U5gCmyVb_PH5Y86xuW95cAy07_b0ybSaG7nSPxVGxLZnC9SmMHxVy6uqn3yKuyj-tDsbmZMDLG7Ec_SsLChzOLyc0SZCNeRE-Uef8qtlxn4m-mpwskz22Ny17zxZsDOMKgnKTL2609JyOx682YbtAUre2vsbIItFruSWh0Ib8gYcGcjh8UE9un0xtCY1z5b8ZaN1g_2MbAMgD1oGihkyXrQL7XgKNo2ioetZEPaA5zcCXBQLD8Gbz8vVccORe1O6TGFhUxpjRrzJXqRbMUOsLLbd7Ht-rb85tnRMfRBvNZhX4Y9gk03hBGL0mbnRumu3nS1R8VTcoE2_zeB53dgON82HraCqiw7L37wQoPaZZiySdXqXWXo2nXlOZtEmOQZvFrYnNGFlYUqlaTl7mHAaigf80wervHf-fIF5G-o3yLmbbsFxoDYRArZog_jdE-gnv2vtIIaOSaYyL4gQ7YoCstI&sai=AMfl-YSen35RwJL2Hj7cHhSjXI-pFthlOY0PBp-Mbg0DpjCSrJl1h-CGe1TE-sFgAhIi5sKz619xiGD1wjgIU3i_S5ajHyDdH_DzpzS6GgxoCnYarFqto6kvPc5XuEOOhvfChQLF5nghJmbUOfSCqR1u77ySfhd5MlR3y1NrVmWKilgij_eWQ2e9CZ-x3SauRC4Jyno5-tsk06pSo8OIkE8AOd5_lGK2dYecjKtr-B4Fr4oY8vvYwRrE1YMh5DEfV5dUzyhMdqNepoXaBY87mo0er_4KgzkWwUDeJOVs_8UP2IXvinlHiUBK6AxR6zibuA8Sh36MKUEwc1Wb6zePPN5cJATkP-Z4CSbPy1m2qsdIoCLxVm20MIogVT10Ie1enzuM9m8UCbvmN1KJAO0GHmXIgftiNBVbJof53w7zGJFYKN365HOgWV_X&sig=Cg0ArKJSzFmro6pMzDrWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=958&vt=11&dtpt=612&dett=3&cstd=342&cisv=r20231017.84791&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
fb2405b160d35da2c54812c244ca11bc.svg
s0.2mdn.net/sadbundle/17616696938690754490/media/ Frame C708 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17616696938690754490/media/fb2405b160d35da2c54812c244ca11bc.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17616696938690754490/8d07b282c8e661b71feb1e048005bbde.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53068
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2357
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:42:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:42:20 GMT
bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
pagead2.googlesyndication.com/bg/ Frame B3D3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
177740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14519
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:28 GMT
bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
pagead2.googlesyndication.com/bg/ Frame 9E79 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
177740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14519
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:28 GMT
6cd51d7a48dcbc331dee4e6468fd3541.png
s0.2mdn.net/sadbundle/17616696938690754490/media/ Frame C708 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17616696938690754490/media/6cd51d7a48dcbc331dee4e6468fd3541.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6eceb5746c8f1db6c931105e7f1ef2062a7d7adf5355a0359226adda81c6ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17616696938690754490/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 21:26:56 GMT
x-content-type-options
nosniff
age
597592
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57312
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 14:42:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 21:26:56 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 4F0E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
313773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
pagead2.googlesyndication.com/bg/ Frame 2EFA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
177741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14519
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:28 GMT
bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
pagead2.googlesyndication.com/bg/ Frame 619D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
177741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14519
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 18:04:28 GMT
htlp
futalis.de/ Frame 89C3
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=80314200133353104444990012482008&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468722
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468722
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468722
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame A815 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 19:26:49 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 19:26:49 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame A8D2 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
50FF0764:B01E_91EFC182:01BB_653182F9_2984649:19772
link.html
track.webgains.com/ Frame 4EBA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=80314200133353104444990012482008&nw=1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
444546703bec872a6d3536da911d204d4085e7906810dc02a42656262d2b758d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Thu, 19 Oct 2023 19:26:49 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 19:27:49 GMT
request_content.php
hal90008.redintelligence.net/ Frame B7FC 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=161f2e3e59&subid=&uid=b93380316a298891&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx3Uy94IxZYGdBpTGtwf-sITAAablvaBplZOcp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgShAk_QBhKK41WJP7DA1_qZBq26GCZj-ii3B-ssR-kz8WnsrRB2zXewBplZ__aYIwwwpRGG_glfW6mDwgciP_MI4HAzv-UE9VFESjTnlatQuoCyZNQ2Ur0h2NnGzNYsepEZB6tfDKulUkvK3WfmpuvFRlcmcqAUT5gP1U1O-XN0gxg6DmYdBoSQPBUh7bgpLYRDPFV_KhAjpS98osftkCITtlehFAN2IFclNcRKO3qEiQNMWMgwKUJ04IV1B7Kk-JIvHeBhW_Og3jnQuM3Bv9TUMERDLwRT1tzZbh2O0CSYeGov4fOWk1fonobxwjsqeDSZgTJEuZd8IJaSu2XfKEd_GjWxfp0Ll5t4x3h8VDcOqqg-sz6C_-6msyAmyCnkHxyyXX3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjqrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30iEYd8C_tfh231YCcx1rMmWSNpA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZejlJlWni5KdaM586t1ZOOq4ii5L8atolRrg_DzL3Cp9Hnl9GOcKji09ULoWP5QNECKgUqBHCrGI568QmITDmnQdsZCmEY7YY_1byJdRACAPEX1YLZX0qDTskITY4raJt28fu9rhsovb8uKrd0PhRirapj15AbXSpG8S0L7UwkzdaZ2o%26cry%3D1%26dbm_d%3DAKAmf-CxcXAxcrgGj6HoMCsd4T_OSeh5PWBIdjeA3fuWpIXOolNIHAxpGVW4h88Md-SiWwY0bE6Cmqt9Q9YIDHmmfINq3-aFCVNpdprAfr7G7B7Td-laMjqr9E7HR29DTg3-RmfYrVUCbW3SSPxHhK0Uj3OOcCwG4IEkPsfBfyLUzcHE-elN32feyxSYhvIcL0qnstONoB_4wzHAWg4L3Qr_moPmA7L5EIcncjuPfPEPAltmmIm3xPqA3xBzYXTj4GwO17l-AQX8jGz3He1tfY3PPs5koMwnWdzlh_Sx9VVMsGZrYBrFY-xDT5-BjjFrNrvSZzfulQR4ILgLekjZwSS7xJ28x89OD6xtnMxxXIEY3x8Y2H7WFXRONoBnICT4t8YzD6IxdQGteufHMoAYfXtxxYQMiY0UaxRkUIDEdu5nyKQQN7gi_nexS5ElhQnKgnGapDrPtbBfdhzHi9ZEQk_j00Um6wtSJUtt0KbxJLugFTsKV7ADLgDxGq4rxWZQ7teREMPRVkkiZ2sMPswd2Ph003-5MmgzG7LDza7w1UcuxThAChxzs-ZRNVOHOdTfpaEbu1Aae9DFqUg381GXwX_AThBgziBDfocqHQArXYj6CgZF1NNsOw28qSxl6zBJIW9yOYsWGQOv77i9JR8UG81FNrSbR4HOsA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8711750946712&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
92fe826d8ef9b9f8c0aa6a2fde75a247b396cd5dc03efd392daa0d8d209ba8ba

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2207
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 19:26:49 GMT
Expires
Thu, 19 Oct 2023 20:26:49 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 4EBA 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=80314200133353104444990012482008&pv=1
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 4EBA
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
50FF0764:B022_91EFC182:01BB_653182F9_2954737:1193C
x-iplb-instance
40027
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=80314200133353104444990012482008&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Thu, 19 Oct 2023 19:26:49 GMT
server
nginx
content-length
154
content-type
text/html
htlp
futalis.de/ Frame 3909
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=46628900145680404445002012482015&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468720
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468720
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468720
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame A492 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 19:26:49 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 19:26:49 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 590D 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=46628900145680404445002012482015&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40027
x-iplb-request-id
50FF0764:B022_91EFC182:01BB_653182F9_2954724:1193C
link.html
track.webgains.com/ Frame 6BB1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=46628900145680404445002012482015&nw=1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
ea8576643dc7e543a9cc79f38b53a00177c102cfa6e93c4b42ab47e4f1021616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Thu, 19 Oct 2023 19:26:49 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 19:27:49 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 6BB1 		0
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=46628900145680404445002012482015&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
50FF0764:B020_91EFC182:01BB_653182F9_2986843:19776
x-iplb-instance
40028
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 6BB1 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=46628900145680404445002012482015&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=5e9aacf417&subid=&uid=3e67844dd32f74de&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTm-U9YIxZcWsMJKHtweU5qg4puW9oGmdl5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPIBT9BgXwHWnANCZ0-cxjQ6F95ILH5mrH-kv09aRk86fxGBtl5JCCBKqgyRLD_F9eXUd5Y5NsncgLTRkKT54jQR4JzyQcDqDLj7fRQJZDcSUnGrTZnUZtXcrB1os7RBXhpREmdNIThYWN2hBizIqxfkzT0PRXQ9spfpaK8czK2nmgtTWynlgzwYA2seZKINfTyfKImaWLLclWGknAHYTcAzjmH9zcV9_gOhUekJIhZRRbEKDARczwe_sqLzkJkiBbZBAVV-S25F8IqZUP7wAnyZfgnYmfd0n9cU_Z3VoOswSvJcF3SiQnA0QG-GP9dlEkYb1afABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJEReINEwivpajk64KCAxWSw-0KHRQzCgewE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_3y2aePm6VYNb0H7Stja3yhmhjuGg%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DcuU_gwBmh5_12mwO2YOzTOrhvuSkum-_7VUPkPABBXjThM4owT7i8Y0CcYt5veH_oVTRZFXC1w0ZxU70H_GPL5nncC3XTv8NRWiibpuGqkhHaZ-bTMevur7SEjMJkg6Se0M0zjo5uXo15_hTN2Okdn45vEeSGrdBRx-cqzPZtr5wmQB4%26cry%3D1%26dbm_d%3DAKAmf-AtHLp7g9Pu4bUo9uhj_HTCfzv1cx16tlq0BUgXtw_4txECKYLqCs32dp6EvPMGr6JPJScVfstcMZkHbe773f6pxIxAQMm5ZCbJxL2FL2ulLpmihLwmkU0tNfYWo3yakC0gm29I-1qkKt7mEbT-wU_4GMljr7qaOARzGxmMne1qDft1X-i56egh8V56iNT-vkBJa2diGYqEEnbsVKRNq1EOJMgaaZUUEzUI5Emj9DTahJvtjI532ZSgZQmoLU_wZMfGKZ8RnFz8DcLzyAzacfE0rLW04Ter2Y8TYL7xeKZm1RkWKkoHQyCsYXn9NGa8tO2YInyXVg9mOJmf9uSxoz138nI-oTHJNGl6K-KpRhlO8gCvtMn6NHzXxcj6x_epIOO2x3bDP4ZBjx1PrkFJeVfO9bb5__SLVOGev3VErFWiLSW04wf2SMUF3K8iiGSf-vNhfWg3CcgIFW2QZ3K2VYGHkGsCGURvyV4zXyjBQ7ZTAQ-5eotpmjEo3NwgudX22W2nKwrBzitOUdq4bSDplsko7WhMaG-OE6_GDcCfskvKvGpwQds%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4439021659431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
50FF0764:B01C_91EFC182:01BB_653182F9_295605D:1193B
x-iplb-instance
40027
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
htlp
futalis.de/ Frame 5C77
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=10432800151966504444556012482023&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468727
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468727
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468727
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame A3F7 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 19:26:49 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 19:26:49 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 1AE7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=10432800151966504444556012482023&nw=1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
4229ab04b35386232c53ddaddfe60cdae44edda07129671e2a434d5c6d46e1d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Thu, 19 Oct 2023 19:26:49 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 19:27:49 GMT
request_content.php
hal900023.redintelligence.net/ Frame 6F6D 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900023.redintelligence.net/request_content.php?s=10432800151966504444556012482023&a=187574bf
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=fe2dbcf8ea&subid=&uid=d8fadd3f6ab37201&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBRgB94IxZYSdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_Q1-2uVIlvhx8pX7-XmBCF2arko9GObyRc9Mp3ofhz7iGVPFYF7Vgo1u7nKyX9D7ylzeW-wIYqmVP8Kx4shQPbnccjE4KSIsmt6PvOAMHuYnQwolWAhl7Tlw3SxTSeV2eKmMSKmjsoW340k6-EWO0s2X72ckE3-kvGKINwlgB6fWOLzU_XnJ_pKCZzuV7VGVrfp0QnreFCYwOgEN3vTj0zlG7ovtCC6KUPMq9tCIjwZE0NtCp4GzSqCowFPda_xm20G31hLD18LoPQ9zeOmrBwRKqWf3QHp7NxA8fDSv8xdjOrWDWKJ3yBma-cvSN9fAnBIsnc_hI-4gYmuIkHA5dLveWfYnKkkLE9j6x085WgJo45zXWwxEb09HpX9TsHMjiKhVDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjsrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_30HWh-zJOCalIRbC9Ow4Kg9RS18w%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DZy6QOjHaesHN_RicxPscZYNeyRRQjUJKhrFwcrR6-GlwsllpjNRjmOa44VmCM6Ppr2TDtHQbO4oC6KmkeU_G9oz50PpCIWzho_I4g0-xpDa4fXRTPZGpiCD6wIDNmuclND0WQg_UEvQC7e8fv-xbXD0cncUriA9PCxJUTA5kj4Grkrmk%26cry%3D1%26dbm_d%3DAKAmf-DjfJLTNIf8AQeLnxvn3uQLcmIn_Wdp-WZrkKZ1KanJM733m1vBb5njJinMa4rF8O61jXf8nQzTdwgvaptPf6TuoG1uAnjmXQ-e5_25UtfKn0B0-XgSqL5fyT-gzNuSt--N2LQDGpmbL39UllkbIZiJeVDB8i4dT_d5i-NZv9EdR2wzhezQQrvhd2CL1cSMk7ucks9BdQ-V5rmOtkpZ2c-eTqlXIZcnEXXBG1DlU5ccQD0f8xFuCuq_glYcgfSq-xTx4BFMxLIH-wiXnAuCYR0NjqNqTO0xI6tLmoaPt8O8NmtUH7F5K2XXRGkvF8L2ud-yNgPaqIyhRW0lrJWssAxvxwZuCOO073NBtZsRa8zOi4aNmDH6SGBKHSH1Vv42Vlz2fsxR77uCYMQMpWVtwBOrrkhCjvLqLo21zF-x9xN9Y6MPLeZHvg2a9LJ67ldTOnBEkTIROrQIr5-H-N7fiys_ZxSDx5ckm5GOV-g8Os03JVOf4xKIsMgTBTV5bss7_sKCXWdpPoaH8W75FJz9tZ_SGyijvkWfQNbQY8QQBupSr4BycEFOdKSSX93isp86SWJvvUVWvd0uT2MrRd41sw5mnegu0bpyxLBygzLyRGH2ST9vtiLySbC73UaEU1q_U8rUaBP5pDqeaMWSxr8ec-pOcjyFGw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=9450452208291&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
48e9510c5a817c5dae41d98687d85687843c6c2ef0bc4a62a58d76f61f43e8c3

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2022
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 19:26:49 GMT
Expires
Thu, 19 Oct 2023 20:26:49 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 1AE7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=10432800151966504444556012482023&pv=1
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 37B6 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4EBA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a2a3fb4671b341b7794da7073a6aa91ab8953febb0db83dff4574ad7e25d49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75E6 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
htlp
futalis.de/ Frame 4436
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=46885000141710304444978012482004&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468734
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468734
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=51676abb1a&subid=&uid=dcc83b560cac3151&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=7067946131244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468734
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame C78E 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=51676abb1a&subid=&uid=dcc83b560cac3151&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=7067946131244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 19:26:49 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 19:26:49 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
89f7480c0afa0150827cf163f8728151
pv.medialead.de/trck/epv/ Frame E5B0 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=46885000141710304444978012482004&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=51676abb1a&subid=&uid=dcc83b560cac3151&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=7067946131244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40027
x-iplb-request-id
50FF0764:B01C_91EFC182:01BB_653182F9_2956072:1193B
link.html
track.webgains.com/ Frame 6C3B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=46885000141710304444978012482004&nw=1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
02b7d7ce6d7b024a8d93d921d013bcdb981dc22cade30f43d6d5906f0f8d7029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Thu, 19 Oct 2023 19:26:49 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 19:27:49 GMT
request_content.php
hal90004.redintelligence.net/ Frame 296C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=46885000141710304444978012482004&a=247d5787
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=51676abb1a&subid=&uid=dcc83b560cac3151&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5EC09YIxZcesMJKHtweU5qg4puW9oGm9mJynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9BjrMhAVCN_BrSsQmO8fjRZZ7MQMchIhXnO6d7670cV-qlhDweF2x9Uy3zGojay3sYNUX_AY7XMKdb5--S1Fxav67l9xjPP2Aw0kJC3tLDFF7qXB_kPKuvVhQPzn9FRvRdypeeJv8igo8AHAa2pBYc5yab_7l3A4zVCLvVjr78tF2FzeGktCKUG6_clhgxrEfGKp2PDTCmQU9M5DTM9GxSSZ_nQV03RFDc6vFN2Tm31laAFs7HqjhvB95H2oEbHFfBcKdfFjlszXjX3UQBmMWxBJi9zzofAYVxYrf1GgWTyOpKL0x7Pcbnl2lnExGC2uLihwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsaWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_2lepE1GNE31kaLFdm3XMwPJcYl7Q%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-CGz9h3jtQaIbxw2ve5iI3VAon7apEcyyG3SaiUzqcEywglbl3dwAMq94aDlDMQkXPmKjS13jEhemAWVF7FlUb2r5gKTD0ha7XADDG6jmeXA9Y1018WbAkjcMWnPJq8Q7kxFF16UzIBNdYOwc0j2WQpL7hP4PKgcze1TBA2Qf3CdvRurTA%26cry%3D1%26dbm_d%3DAKAmf-B9Qep-RPOy5EjupDXXm6i37dubancxRTh2a_utOWSJsVI5KAO1PRIuKXPxnMXip4oay1XYLkGu1wHAbpMDBULWMLx163OBVlzZddE-t12v5P1BKsOXssBb9kODC0_nf8_D2YQA0VX9WStgWqJKYvX51LSzTWbBhKzalUO2ir6FyL1tH_Mf7UfKxCQgSYZQDz_XtdNBX25pttYS-_FNr73Yy-bSt3xXtQWm7wBzPgX2Dkrx4wCKUMLOkIOeIj0xXt1uLEQLcacBu9jWwojHv2RO9rbavQbMaHbjJDD4Uy_ypkUruJVq87W3qOPeeiyBRd-yQ6dJKDu-0rwIzzwfcbdwWieuOBe7prGFylmNmveJ57eSLZcMfnU1Hw68JhXURf2hwwy-jMDu4V14Ai9Lge4IM34_D7q6S5pObts8wK4SO4hzBwx5zlmPJxjIJaz1HqMhXtM539Cbn8yNMJeajpMyzKEHHDDGVtsRK-_COlJEZf2QgtGIQLpvrf88MSBoSq7BwPQSz2ZVzYdHox0HNFUUp9EqupxFi-48bxIMMUHYpRf64I4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=7067946131244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1c4cdcc778d481961b081ea97c2a8d81f2fe211d3f0615e422ca29131c5036fa

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2040
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 19:26:49 GMT
Expires
Thu, 19 Oct 2023 20:26:49 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
htlp
futalis.de/ Frame 295B
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=50100700129201004444556012482001&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468737
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468737
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 19:26:49 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468737
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
/
adv.office-partner.de/ Frame 60E2 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Thu, 19 Oct 2023 19:26:49 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Thu, 26 Oct 2023 19:26:49 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 072B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=50100700129201004444556012482001&nw=1
Requested by
Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
138cb06ead97c507814a4796b8895249ffa67232c069a761f9e919cc78890eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Thu, 19 Oct 2023 19:26:49 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 19 Oct 2023 19:27:49 GMT
request_content.php
hal90001.redintelligence.net/ Frame 3173 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90001.redintelligence.net/request_content.php?s=50100700129201004444556012482001&a=81e23d14
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=0e0726c3ef&subid=&uid=da519eb5a782a53d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC51Uw94IxZYOdBpTGtwf-sITAAablvaBpnZycp8kP8C4QASDCptYbYJWCgICsB8gBCakCtuPN-GG2sT6oAwHIA5sEqgSkAk_QoE64hps_uzErWV6wuhC0M8le7cvFsohWTKI9xintYALBD1bB-Et5Hbxyv8gUPyCh24CtScEIZYUkE2aS-wckKOr2POCBlPh6N2Q5x8XXqFYpDvnLIf7xwkVZYWFddzNHqZnDBNVArK67k2Qo_8_9oA20qIiWZ2LVVgLaTVS_xu-50GVujb3r56mAPg5nKhjzMtu6-Mjzi3bc7-X4UV0ypUN2MjkNHa3SSdrPkQEKIRN_27Cei6cpXvURqyzTh0panDRdKDKX2FRiPra9j3FKjK3N12uuWWfDEmB91ZlSG1wJ5IUW2sjyVTCbrbAFy-IqEuOApnUBLeubt4y7WSadN6Z--mWf0E2RH7JEfhyUvPp41Mugb9S8FAXDphzB-WoqnJjABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJEReINEwjrrfnk64KCAxUU4-0KHX4YARiwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDICaaNwjikY3z2s-YJ9UE3X-IqQEFf80jAP2O62gCIgpkfyItljh1tGAE%26sig%3DAOD64_03WCp_WNn3daryNMWUQsOC3eo0TQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AfJwu_Rk93vlFpyRjZqcNgNaoGap1V0r2SVIwZOq93KG_7aRBGNj-fqrhs70M2aHePOgZNDLvL2rElQj9P-sf6d8qxeCFbdMIViTmS7A__0jI-Hbh-gD3xpz6FF9_-KS5vip0InaRyu1WvP_QDkU8c2YPLRszrnuPErubk0GMxbA2kZSo%26cry%3D1%26dbm_d%3DAKAmf-BTW8gHCf1RkNc1PVE_FLcGULnAfEdnkLoUYc2hlecqvvveUW_5BV7wKB1O5RLupsUnb52XVUXussVmfcGZ4K3DH9dDauHIlpPQzAzd4fYNjfQ0iDA54LIIK1zfpjDRWNYSXoT6jb8T-ylHvUs-70DlslLxQ-e2w4AvbEQtcwjgqDoYGR_JIizULA8d_dYQ_sYxSajBNDM_ZI1rG5Gqym4PkbXfOOTqF-QxXgA79PkynlPD1DOQqhF9P9WlCefzN63Odl5KGPkIY0JQH-crlDRL-IDbJ9DXm_xNrr1f_YipbDaVyYJuxRG20pB-55EGTJcd-rvVO0B3VhuWSNgHpgZJ7RNH6azeV92GyVqnhZC0BSbiF3dOfQhp6UHx318dFYYsYBBDQ2hKAw1K1wIHNfqpHwwIT6Nx0FBfXCUnDMgfsHmhsi72XJEc8rgWifwH07YJXRCRzvgDDXGwP_PC629qR7CqjD7KdpTIaMBdY3DOBz_bgXpsL5yAWUOV7DsnBHpGifkh2_SlHjU-ORnUtoaeI52a6TuV1QL5e55OZATEZfaCEY6o2zdFnkMgklYzIdfzDEFB5O5n_-N5Nokb6JTNrEqv1F32-UXs8vy2p5j2oL_g86VbB8BmpaiLbMJJaJgv_9_rxGEX21lFgtROYu4ZxAaY9A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.tecmundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.tecmundo.com.br%2Chttps%3A%2F%2Fwww.baixaki.com.br&random=8583989420925&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
c2a0de8afa42cc4bd115906f912c106760f73b108860708ec84e0f008d043563

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2014
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 19:26:49 GMT
Expires
Thu, 19 Oct 2023 20:26:49 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 072B 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=50100700129201004444556012482001&pv=1
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C9A 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfytK9YIxZcSsMJKHtweU5qg4AAAAADgB4AQC&bg=!urmlufbNAAY5nEQaGZw7ADQBe5WfOEkMfRLNcdsy3e482TIYQEPTUB64gXMqLNnQbaU1uzVAci91ONES6PZZ6nNpPJoOAgAAAfxSAAAADWgBBwoAU3ExFp6qAlT4gOl6KMbKYQhnDZKGQqlnSIBPt5p5EkdlyoVf1wJMgpVrZjHmdKngTDU0RE--zi5x16NSu_5RR4NTs1b1LZWywVTubMW-EhPHMbYVmQMPWR0dKaACdqU73y1thN0E-jguffFWp21QHUuFBiu4R0CYJlhcSegFuD0uPBr11Mvo62sQr74TnBO8d9cD9-paDf2mPyqsQWLsqdjWXujKJjFz09vI78PGCsmXcSzSvhgvtsdcjNFBGt2OOcsRaEAW61Pm6zUFS_VAqJkCqAQ2a1sTe-NCLCffOYseLgvKjVayTDcrf_9OrvtrFfRmnWEFRgIBU_wV3YkOw0E2zYgk1AJyaRf4ezNaqRs0AJZo606dtw-UGMWwIbAGYru4BsR2cl2UGET5CH1LhoeeE4bLMuGOdgjLZC1X5qm1-TLpDREgmgvfPJ51wYM-5Y3BYnk-26BmaoK5DNLrE40pAiAryGKobQRZhv6tXBsJFui1x0-4KWB6wJ9aKUSmkYk9UIQJjGHW3BTDUgPnpIN2bvyniUB1nNope5r3DPj4Z3ghJX13AD72w81dAKWlao500ZAB3uyO3V3Udmmna0MohSSb3vhLZBdpqysLwxFVemUYV9qtovlnBmeD8-GzgWFtRQFe1LzcVjAiBsQ05WSXDBKx2vZXoIrhBptlkaJQDoP8qikRgUCV82uiDgXStnBxLExkLKZHl_iXsrS_3Xap3D79cCsVOp1oIlSBBkIQhw3NzeoYDdEixSIlVZ8Qfpnkl2ePdNmu_MfsURHbFBt5O62Ay-YL_Iwdkk0oaVR8juQMkFVqw_o-stiGWC5A9np-4BXCw-g20iIpr0KuvZUOHM-uf9ceLzCN5Sjqr5eWzSh1trL_-pG9En6e3DNspyLXwDw766jW_oqCcYx3s4vO2cltSavICLwz_T4GakxKYnV5zAsggiBSA1MzcCzlEFOa7Ds9aRINYAMST72ZqZ2tklilK2n4hViTFDSLhW5wp-fuRYdixR91aLcD9YN_TqzpaNH_AsisOMRZd_uXs1QuXMZFs02W5XOa6_x1yolc6pozJCUIM2nHgUruytRcn4NCw6OD7H40pvPQdFvOMDcC1pKVvY6GGyvrr1WfdQ2v3iSOKLXHTLP2q74LGYyxWFs6Lh3j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame B7FC 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:42:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:49 GMT
/
hal9000.redintelligence.net/scale/ Frame B7FC 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
37c0278d1d6d1922c13591e186444aae7f4ac2c1f6e1eed6ceecbca1981832d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47178
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B7FC 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
d6acc43aa647e19d541460c4fbc95203b8b306a54ca7f81888d67fba25071dbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57466
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B7FC 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
46756a2f9fefdd294d7c9223a629ab85e1043ed0e1c5fa742cf3d092f816e28b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
37342
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B7FC 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
83c89840a23cdebc594290a90e1b5b8a36b4cadc98fa23f0840c43d385922ae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
css
fonts.googleapis.com/ Frame 6F6D 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=10432800151966504444556012482023&a=187574bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:41:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 6F6D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=10432800151966504444556012482023&a=187574bf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
122a0624f74f2cc9e4293ee3e3eb8b047af5e289bff81d0819cc4cfe0415f549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
20629
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6F6D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=10432800151966504444556012482023&a=187574bf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
13304966dea0ecfe90373f59ce4ba7dac8b3601904a01c193495ee353409331a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25830
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6F6D 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=10432800151966504444556012482023&a=187574bf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
57c7b0d36e7ac985ea0af056baff00705336552982bb7974d3eb76170ddd156a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16832
Vary
Accept-Encoding
Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9D00 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6C3B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f1a9f32eb0be578f5546550cc9561c6ed8517812c759dd3a981975bf04b0039

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
request_content.php
hal900011.redintelligence.net/ Frame E956 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900011.redintelligence.net/request_content.php?s=66928400169557904444990012482011&a=00b3c423
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=bf34d67643&subid=&uid=9548141bc63672a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUM2M9YIxZcasMJKHtweU5qg4puW9oGmVk5ynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPMBT9At2xTIWX2eq5K7Lo6GXbugQh_vSLRhK_NVE3Vsud9MfstronYiobUwd5WmGVZaa-9sv__gnG7lPHzDX2gXgHR2wa0l8-Pm40PdOkm9fMYxN8zdpy2RAkvRudA17-KHW25dNY7sYRxTe-tpIWIBGl5wlVycgRWqGy8OGzNKeE6_1xGCigSm2AKmwz1wAA5j5vQU3Yj4Y84beA66bjwzg-38VvgkVwDt37LJ27zjMhcR91frpkRHDq4c_mwgAFjYw0imZ7uoFQ1f3D2vKXEu7BZeBXXXep9G5oP03Ul8njXbzxSXn4Sx7Og9OVjkq37Aj2FHwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsKWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_1gB5-WomCZqS3DL-d0XbE7vK5JOQ%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvYFYGa4Y1sdQQpuoB2B1SwAkUYeb8ZzWmBDdLq31CKk4H5_UmPQMo6wa83NE31bEM_j37Aa9H7fnKjE5D4v_BPSGMdZeU3jB7ISxjAR9ImwCkFCI_kmLuTRJHU-WVp19-ITktK3P5ry0528IFzNVaM5rU2BPIMZFiFzgqA6vRMZD2tMM%26cry%3D1%26dbm_d%3DAKAmf-AP726XkEGuBygyu_bZrScSDz6UYfJFnYMVLVP58qADWmaJye-C9dmKDzN1U5mXhu5n2a8Lqd1RwTTLVH6Wj9Pg7f_oJrnCqE87VmkzWQ3kQL6mhVuPzexD6Cd6B1cDYhIhJlP-udY0n5gxWraNeG25ZMF_1O20HPBmiQLz_OgwKBGVsCzeJUph7AL3rLfN2J9KWmm1rQEeXzOu2gRGr26eF4nuOf8IOxpQNIMXXnQPvkdArSlKq8o_Tj1iVVHFEOHVFmoNi5Lw_bNX0rNvAwnG9p5SZjfmq5LkGVhAMHq57KUD9SMP_YWRwTRz4XbUozlX5rF4Vz7f_P_mtA44Vk-YZpwEqbHv7e_GNV1Zk0Iiu5LAXIcD5tbSWAuJPE6TJgTwfOBI0kL9NcFZP3IxJUFZYV-hvZMuIOlTAT7q9CviRPFv6REOGH7Nwk65B6qaYX7_T0m3uuR9Bd3XwQu8awRty521gUFA2SKJ_f-b8Ud658mcUL6sMGob6eLymR4THry1arvCDmcIwrL5XT87yzBxSX5JfPjBifWDcuo4ii1H67wNsFM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=8578660477102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7db946144ae784e99131c8b61036ae8e4e0a6a5d04dda9baa8cd225a5ea3dd3e

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2176
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 19:26:49 GMT
Expires
Thu, 19 Oct 2023 20:26:49 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 9132 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=66928400169557904444990012482011&pv=1
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
impression.php
t23.intelliad.de/ Frame 9132 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1697743609&co=
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.138.165 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:49 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
cshow.php
www.awin1.com/ Frame 9132 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=66928400169557904444990012482011&pv=1
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 9132 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3458780&v=55355&q=466255&r=296283&pref1=66928400169557904444990012482011&pv=1
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 19:26:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 245F 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ Frame A492 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26a038723744753ccc70f7a637b5412b518bfd03e01030bb0243bb726f2cf729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64343
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 98B9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskx5ljoUmOWAUCdmOoBNcoR4QNr6-Y3Poy2W0s8iXZ8gLDWivby93rdlvfPFImxEvJ3yyrAXoU2miYsaAGTOQij9poh8Vad5lEJzAmgfztMnY5EZF3Ay7e6BzHQIUGDdOR6grh7XljesqF&sai=AMfl-YRDuj4ZE2RV2GVq3J2BdmDIfOW04zfMAi6VyMlE3z9YrZwwedcb1L18fvVz3bAjkjjyhWd_dX_ZY-1CuaV6IW4hYG4891m4FJAttuaoY3CVGXrGAtcYFBlE8mja&sig=Cg0ArKJSzA2r4J1CYdqxEAE&cid=CAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB&id=lidar2&mcvt=1164&p=86,315,336,1285&mtos=1164,1164,1164,1164,1164&tos=1164,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3987075887&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697743607763&rpt=473&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame A3F7 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9901b7c7f1b92588bae61817c0e10ea4f46a5c99fd1247fcff1fca704b7e90c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64350
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:49 GMT
gtm.js
www.googletagmanager.com/ Frame A815 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26a038723744753ccc70f7a637b5412b518bfd03e01030bb0243bb726f2cf729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64343
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:49 GMT
ts.js
cdn.retailads.net/ Frame 3909 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468720
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame 295B 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468737
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame 89C3 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468722
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame 5C77 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468727
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
ts.js
cdn.retailads.net/ Frame 4436 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3215468734
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D0FC 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL: https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 20 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9132 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
245b83cb51a26339d611aa7a019a85915b4f0f16eeac1d2fd09605e782043618

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 296C 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=46885000141710304444978012482004&a=247d5787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:01:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 296C 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=46885000141710304444978012482004&a=247d5787
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
b656ab9fe577d14224b0779b2e9629c68a01fe00aa7c96875bfad7ed5b8cec92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
65262
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 296C 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=46885000141710304444978012482004&a=247d5787
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 296C 		0
0
css
fonts.googleapis.com/ Frame 3173 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=50100700129201004444556012482001&a=81e23d14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:41:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 3173 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=50100700129201004444556012482001&a=81e23d14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
122a0624f74f2cc9e4293ee3e3eb8b047af5e289bff81d0819cc4cfe0415f549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
20629
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3173 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=50100700129201004444556012482001&a=81e23d14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
13304966dea0ecfe90373f59ce4ba7dac8b3601904a01c193495ee353409331a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90001.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25830
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3173 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 37B6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAFgfT3yBt8dmkhsqJNMVxo&google_cver=1&google_push=AXcoOmTSisi9s1MBUpBxNvx-V_X50hPtdzVUKS48Y9wPeVVX8XTPcWfLZLcXjjr2u-Vtpo6b4rgK6_Wl2FYSjnhGdKgfPKPJxdk
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1720 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:49 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 37B6 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMqDNuo0e04Ms7uYRbQu-X4&google_cver=1&google_push=AXcoOmQd5BNLcEOpBU09GhynXI_8qgG1Mcd8lRLIwLLpQiynCxsCAvuqdMQGP2GExSK13whVtVJNWDFVUMqTBpjZQtWWxDWWOA
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dds
rtb.openx.net/sync/ Frame 37B6 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO6wHeyssQQrE73-JnXLcxw&google_cver=1&google_push=AXcoOmTd6mQH_330z7gab41VdfPz0KcR0Eh8m2Cc8eHiW7mRZsblNkUWjKobKTMprdE0lA4E6kHIQZeqO8ffvEJSvVFOafGCic4
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 19:26:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 37B6 		0
0
ebda
match.360yield.com/match/ Frame 37B6 		0
0
pixel
cm.g.doubleclick.net/ Frame 37B6
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAv3dQD_-1I3p_qxU4WEnjY&google_cver=1&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4c8zZM7hGDGlC7DuJfuDSDxN_Vdxf0zI-QgmgVnTpBA
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4c8zZM7hGDGlC7DuJfuDSDxN_Vdxf0zI-QgmgVnTpBA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTM3ODEyMzQyNDQ2MjA1ODQwOQ%3D%3D&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4...
0
0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 37B6 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEC9HKWzveZm5Su270LCuqn0&google_cver=1&google_push=AXcoOmT_Y80aWDPKa68SncKjNKHIxo6oHbpo5uZKDAkISkwi26oyR8mGWnC_SO_CaDH4q6l3PDmGyEDkvIY8qT5YDpGYTMiflzC3
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 37B6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ju8d0HjBO3GbXMPjY2bqnqG1RbKDnGQO7B5AQMPW9ldLPhspP9--v5uzAUB0gzVxDCIdw3rw
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gtm.js
www.googletagmanager.com/ Frame C78E 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
013e2e5681f8d53040b833d9dabcfe94dd73eca378333cb391e53ab665e0a2ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64391
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:49 GMT
gtm.js
www.googletagmanager.com/ Frame 60E2 		175 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26a038723744753ccc70f7a637b5412b518bfd03e01030bb0243bb726f2cf729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64343
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 19:26:49 GMT
css
fonts.googleapis.com/ Frame E956 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=66928400169557904444990012482011&a=00b3c423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 19:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 18:41:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 19:26:49 GMT
/
hal9000.redintelligence.net/scale/ Frame E956 		0
0
/
hal9000.redintelligence.net/scale/ Frame E956 		0
0
/
hal9000.redintelligence.net/scale/ Frame E956 		0
0
/
hal9000.redintelligence.net/scale/ Frame E956 		0
0
viewability
hal90008.redintelligence.net/ Frame B7FC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=80314200133353104444990012482008&a=c63474bf&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=80314200133353104444990012482008&a=ee629f5f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 19:26:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900023.redintelligence.net/ Frame 6F6D 		0
0
pixel
cm.g.doubleclick.net/ Frame 75E6
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK_-ei2oqMDLXzeKeG8MnKQ&google_cver=1&google_push=AXcoOmQWYWyk7N7cfvxJ888mOVCIlqstczGlJYOp7Su6i2AGkfZ34TciOx...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWYWyk7N7cfvxJ888mOVCIlqstczGlJYOp7Su6i2AGkfZ34TciOxE0nWn399MXVtzvOzuRRmfcvKXNzYGFnwOpM2K-7w&google_hm=kkdfKFf0NjrV1D...
0
0
cm
gcm.ctnsnet.com/int/ Frame 75E6 		0
0
sync
x.bidswitch.net/ Frame 75E6 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ1c0K6JHrhd1mLKAr1fN_I&google_cver=1&google_push=AXcoOmQXpUSnk_NW3j8NOK6uWwxPFjkohX73fV8GYehntSZcPcLfcCUxqP01CP6KsBE7-5eDczJRUQtNa9FDvqcTE0FQWS_8zw
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
ssbsync.smartadserver.com/api/ Frame 75E6 		0
0
pixel
cm.g.doubleclick.net/ Frame 75E6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELWPMkS3ifocwsOjapUlHPo&google_cver=1&google_push=AXcoOmRVCKvU3NpEo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx&google_gid=CAESELWPMkS3ifocwsOjapUlHPo&google_cver=1&google_push=AXcoOmRVCKvU3NpEogq5x4L7W3f7nhnA55AKdylxff...
0
0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 75E6 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEC9HKWzveZm5Su270LCuqn0&google_cver=1&google_push=AXcoOmQd-r71LNGScl4MP7V3NsScPsbN6f4TmNSZi7Eo-JbOrw3aefm3JhtMJseq3SZYRi9VgOjPhY_9h0tVFLRcpUJeueXe7klu
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
csync.loopme.me/ Frame 75E6 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 75E6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jq4E83o33C0GTxFx32XCm4inyxf_DroS09sWhFzdis43bsOlxD-pQQJ_fe2dlhzoVS5t5Sm4te
Requested by
Host: f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
URL: https://f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:26:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 4EBA 		0
0
1x1.png
cdn.track.production.webgains.team/7121/ Frame 4EBA 		0
0
pvClk.min.js
analytics.webgains.io/ Frame 6BB1 		0
0
1x1.png
cdn.track.production.webgains.team/7121/ Frame 6BB1 		0
0
pvClk.min.js
analytics.webgains.io/ Frame 1AE7 		0
0
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 1AE7 		0
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
cs
ad.turn.com/r/ Frame 9D00 		0
0
gp_match
um.simpli.fi/ Frame 9D00 		0
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9D00 		0
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9D00 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 9D00 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 9D00 		0
0
ebda
eb2.3lift.com/ Frame 9D00 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9D00 		0
0
pvClk.min.js
analytics.webgains.io/ Frame 072B 		0
0
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 072B 		0
0
pvClk.min.js
analytics.webgains.io/ Frame 6C3B 		0
0
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 6C3B 		0
0
cs
ad.turn.com/r/ Frame 245F 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame 245F 		0
0
google_pixel
ads.travelaudience.com/ Frame 245F 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 245F 		0
0
/
c1.adform.net/serving/cookie/match/ Frame 245F 		0
0
/
onetag-sys.com/match/ Frame 245F 		0
0
um
sync.teads.tv/ Frame 245F 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 245F 		0
0
viewability
hal90004.redintelligence.net/ Frame 296C 		0
0
viewability
hal90001.redintelligence.net/ Frame 3173 		0
0
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B7FC 		0
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B7FC 		0
0
request_content.php
hal900015.redintelligence.net/ Frame B335 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 046D 		0
0
truncated
/ Frame 6BB1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fc69fc749b48c375543b3254543184151fb2215fb4e354df359250481066a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
viewability
hal900011.redintelligence.net/ Frame E956 		0
0
ping_match.gif
pm.w55c.net/ Frame D0FC 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame D0FC 		0
0
adx
pr-bh.ybp.yahoo.com/sync/ Frame D0FC 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame D0FC 		0
0
-
s.ad.smaato.net/c/n/// Frame D0FC 		0
0
/
onetag-sys.com/match/ Frame D0FC 		0
0
/
onetag-sys.com/match/ Frame D0FC 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame D0FC 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 598B 		0
0
container.html
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDDF 		0
0
js
www.googletagmanager.com/gtag/ Frame A815 		0
0
js
www.googletagmanager.com/gtag/ Frame A3F7 		0
0
js
www.googletagmanager.com/gtag/ Frame A492 		0
0
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 296C 		0
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 296C 		0
0
js
www.googletagmanager.com/gtag/ Frame C78E 		0
0
js
www.googletagmanager.com/gtag/ Frame 60E2 		0
0
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame E956 		0
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame E956 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAFC 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F9DF 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E79 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3D3 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F0E 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EFA 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 619D 		0
0
a
www.googletagmanager.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEEciOFCMs6abQKY7hTUh0Q&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpbcS6UZ2WsNlUXcFb6Pjw&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
hal900017.redintelligence.net
URL
https://hal900017.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=8f516a3c7b&subid=&uid=e2796880dea6049f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCo_p89YIxZcisMJKHtweU5qg4puW9oGmtlZynyQ_wLhABIMKm1htglYKAgKwHyAEJqQIHAGnPssCxPqgDAcgDmwSqBPYBT9DPmRmHyjwO9SB12Dqbs_P1ZduW3pVoSOKG01T_e6AOb5V05ie7GLt-RGUKzSKPhfWvpyhvbAOeMPlLtJuQRxP9Wxq6tqTl5VOIhZ7dDfUHiuv08Pe4Ovsu6InCa9GbnHrHwk2fDvZe-sKZIh9TxtT-zkjTwCxA09rLVPPTvvZr2LqsbUptISdCgn5aC35YZHPeKH8fA7B5O5nIN-MLn6I2EBa8HnEWYYHRjeENaxb-9xr4g0fnV2c7KuyWjliLeO7EkfrLldgLo_0k2otyqwR-vieBZXMf9Wh9S7kPntLLrREd9GuqtJtDcgcC4-kr1P4p48akwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIsqWo5OuCggMVksPtCh0UMwoHsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSPADICaaND1zGp6dUvU--dETx1j47xvv5hJ_iBJZ1_nFT-Irb7rFrJ3VOCnwyz3lxjGaaSKFC9z5xjh5qyBgB%26sig%3DAOD64_1qvsarJaWR0fJKsOlI-BhFEV-Kqw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-D9-De9BnAsGZ_n6y9ami1yh7wd_hQ5S79s8ELU7YbRkth0OAsQaZxz4wIf6EsVFyAxXX3Wsf32fSptCJ-KijWB9GiMld6uucVDjtGLIpPseIqK1hulDg-uEzR9rlqAzJwwqu8ckquw-YFir-KS-FbOC1Qv7Z6cI7LnItweugg84Ua82HI%26cry%3D1%26dbm_d%3DAKAmf-B5CMbjYZK5S4sFB-DbP19Yl3hJ60mtqcTKw9Y4_eA3FQV22Cllls4II7riff-Eq3OxkwAZ1FyQArtaBsn_cFsEyqQqLkCYtiCydb9f5t2Qz3MPJgK7kXAObR9Vigg2NL8-VS_vpf3a8RJioO-M2NTotty3kBmxnLmZxod82hfIVgwanf-SGb41aIJVPi02Nt-nKKZsfm6qp_XGOmN6jqbI153uW_kVdtNDOEVcHmLbnwynczvg91C6dJ3AL8lLSNeFNzWrLmbGD2f6i-LzIK6DuJdLPMcJG9-CfCV53_22aDLf6OhrqyuTSWKlvZ05DvgmSz7E34U5KxVRuSdJ9Svwq7t-C-ii4F27rm90u6vpzerUv0YD-SKrQYzrDA8oa0lBX1AzXXdwJpnm0LhyFbf2JPCQ9TaXLUcmUX8YYhVolbFUQBs4B7iMeU7xXiCJZ8Gh6AAR25SnMCfJFO45U8Q3b9pBulrUgcejaSnxcDWN-LyT-DS7i2Gaas3qtsYrqdOy7pk3KbLAGOOe21apaEpzlsWmOQ25yRMPRT8k6GOcOEzdD_E%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=6346745252316&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ1TJCa9dIIafaehzbwT-s8&google_cver=1&google_push=AXcoOmQXNjOCg0sJYfSJtesmwUIQsgtWaKJtemTay3yyEACfZGs6vPl-YxTzjBic2Zsubv7Np5J5tUrHx_RLtQDS3XMCQxyL4g
Domain
match.360yield.com
URL
https://match.360yield.com/match/ebda?google_gid=CAESEK62B9GzwUPIY5VHA5N8d3w&google_cver=1&google_push=AXcoOmRueve7TKFTn-ilM9pNZN8uMooJoG64yIUl3LS_ZCAWd5e4xX5Rir1XmFyTbAYQuAeMSFzoC2OVrENsJQQZ4N8PRR5QJFU
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA4NTM3ODEyMzQyNDQ2MjA1ODQwOQ%3D%3D&google_push=AXcoOmQ9HxD8lq6bwMYB-TpCMa8Eziiz5aXYAoznLopCTfzF1T72KsA4c8zZM7hGDGlC7DuJfuDSDxN_Vdxf0zI-QgmgVnTpBA
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/72523/creativesup/1200x627_H.jpeg
Domain
hal900023.redintelligence.net
URL
https://hal900023.redintelligence.net/viewability?s=10432800151966504444556012482023&a=24f6f3c8&vb=m
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQWYWyk7N7cfvxJ888mOVCIlqstczGlJYOp7Su6i2AGkfZ34TciOxE0nWn399MXVtzvOzuRRmfcvKXNzYGFnwOpM2K-7w&google_hm=kkdfKFf0NjrV1DoiwgnQeQ
Domain
gcm.ctnsnet.com
URL
https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOZti5pGq1095xGv46vl0t4&google_cver=1&google_push=AXcoOmQfoFSg0mu7GNARrSL9pWBVadGeHw6AgpomyWiXGMVfBg4FzFOT7N4SN_Min3KMB_C4LkKancQRqF9Ojjsr3r8CFgQRgw
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECkWUqAtYJ2abmzkbLffIhw&google_cver=1&google_push=AXcoOmQxBEhG_of1A8VkcNmgFUMreVlpnK8cFasgqvdHaNA-CRKFmBx1W626CVI6RxOa0XIInaZE7iyLkCDkC0TKmFjLt_87zFw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzkyNzY4NzQyNjI1NzkzOTAx&google_gid=CAESELWPMkS3ifocwsOjapUlHPo&google_cver=1&google_push=AXcoOmRVCKvU3NpEogq5x4L7W3f7nhnA55AKdylxffRmwE5sd8LJY-m5otqgIGkCm9-BkkqEKTsgkJZXgzdAkpnGpOQQBkGSc3Wx
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEHFmfilwX4SGBC0wz6rtBsY&google_cver=1&google_push=AXcoOmRoswX6DrX5RK6TQdB3Wwy1y7wucpW0ZmkKIo2R1xQRplJpCtAgcGRFG1jZazJbjq0EsnOKr5Zoadut6uemAyvSmiRHCmGJ
Domain
analytics.webgains.io
URL
https://analytics.webgains.io/pvClk.min.js
Domain
cdn.track.production.webgains.team
URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697743909&Signature=jvwv6KA3liTp0d1ZIDSSaNJgB-4vhPAsaqooa-XJOnaLzhg2dTfVMXSoyGmEfkzm9CicHYVXrpHrYFLNdQvYezuU3iFVfuLebiEzHR5vvNyNSpsoIdtnCO5mofozk961DDBcou-w8H88jEQrBw4GNsu3mClfmv5W8T4UHndWqhzrF9QnymvzS6IV4vqsinYSUapNEjVpNLUonRoHlGpQyu7Qnuvx-sByEB1Wm6rggUu-XB6emCygvHz4spAdN2gmJYaF1rKSboxH0m0Gdt58Xv2b37j9LaXMtThlN3o6P023nFoUUg0XSq41IMO3AAivK~TxjmZ4OZ99Far96PB4Gg__&Key-Pair-Id=K28VXAGA7VWE0O
Domain
analytics.webgains.io
URL
https://analytics.webgains.io/pvClk.min.js
Domain
cdn.track.production.webgains.team
URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697743909&Signature=jvwv6KA3liTp0d1ZIDSSaNJgB-4vhPAsaqooa-XJOnaLzhg2dTfVMXSoyGmEfkzm9CicHYVXrpHrYFLNdQvYezuU3iFVfuLebiEzHR5vvNyNSpsoIdtnCO5mofozk961DDBcou-w8H88jEQrBw4GNsu3mClfmv5W8T4UHndWqhzrF9QnymvzS6IV4vqsinYSUapNEjVpNLUonRoHlGpQyu7Qnuvx-sByEB1Wm6rggUu-XB6emCygvHz4spAdN2gmJYaF1rKSboxH0m0Gdt58Xv2b37j9LaXMtThlN3o6P023nFoUUg0XSq41IMO3AAivK~TxjmZ4OZ99Far96PB4Gg__&Key-Pair-Id=K28VXAGA7VWE0O
Domain
analytics.webgains.io
URL
https://analytics.webgains.io/pvClk.min.js
Domain
cdn.track.production.webgains.team
URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1697743909&Signature=o~HLTIdvoI2fxb-pPbL9zc51KUnWut6fSxkHKoBrVrfqAQnjUnMHCsoxXlhYiG8bruPKBQc3YcOLjOlMmjYhF3L0fb8tyCd8tYCWriYrLs~H4QSM7eBnuEPTXWPTKeaOZk247xTmITWwaI9ZmZDvQIYR6SM70nMGxGZ7v-~m9ZcjzzAGTUkpkIEHl5LJZ-OM3HeTy-TVOTqNc0xtRAaAkceDbD171V4Ek6PZapMplPE2QK0Vs8IQSZvKgBM5tCf4yfeoZdBVPBl88rhdslawElanQRL4maFKUZjIASNaqY8oRDcz7xT03eRqSUB2V~eaCwXHFTs0~Yd1uowRT6yx1g__&Key-Pair-Id=K28VXAGA7VWE0O
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2381066866032716&bg=!BQalBknNAAbFpEfJ5aQ7ADQBe5WfOA_dc4Plxl_oyPChfCBUA8vTgyYiqwv15upwXzYaE61Rcf3Keun8nTLia2TBoW5ZAgAAAVlSAAAACGgBBwoACNqDZ4fJupnDmQLr2DCw6Z0UhA7LgBKRck9fDTKW-Pk4e_3GTs6rp_izZLSDH0cK5SqlDkmUi2grIcPlbFXejTKJEB8hbW6bQFBKCycLLnHbDcOT9CTGglUOLDOOfpwbqYvfuWXDAyCHtRzt8buhZThWFzctC1ab60Px_fl_Mr_ZYZpS09LtrE_8e_kKRBccWwIUtSX26FshAoLCPE0nG0mf71e0tPdHoJGprIGhyP7UprgdWu0S7jBLPfOFYbcBsagXQGjTc1Rk1gfMYhRHIjYntJ9ZyIpNho1q_W0bK5kiXW0CrK8Z24tyfF1HsOp9qJ6SDrm3BhKYsGK3rnr2Ib5mtlTzCxnirWwkXDnHuRI48bq_SAO7cKCgYX87SaRREC1U9NOYZmf_BaTtT6d-arEak5bL1kCWw9H2GBdB6QLEAwihL35heyct6zwPgkw6O20dUFLrChHxhz4ofjJgzi5Lu6umYo0mjZ-DUFe8vQlwZoCoxzyKbZdaNib--noctKZlTXKUda8v0_R5bo4iKRidh5JOguY4Guqy6DzJTNIdoxKluB3h0MkpqqfrhWSPDOaLi4uUF0r0YuOEYnXLD1SHDyS0ZhTtr4VY0og8x9H3navSxG8b6b5esMHDGAqZas35DD9yrCRzJeiWOzRYDMU0FMLMPTG_seGW1YZ1K62KhQz5oDcKmKGUpQhPNhWP49yLoePLFabNDbHYmVAMf8Pp_qO0KTAtqotWUih2AHUAd783zGI-TAgIu0HbLpkXnriMeYhR74-Rf4iBqhfIYmvt5Ks2wu-8pJYHM-yZtrdsrL-Npts8g41cTNy-hpzpKXO4ma7xfeQhIIflMy7Ypvi3JOpbJd-z-GuexyL3N_sj2C1ec-nEsi1YVm3HB0lofbkVHxp107jvGTpfJG6tjm5sF8ASE1l9AkfBc62laXmG3tB2wcL5QC40gwz4eD1fm9J74r35x73fmtAydPp8lzcMR0RGaqIIe_M9Qv3U6KLlyIFcY0rt
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=3&google_gid=CAESELBbS4YMHXVgtDKxmu88i-o&google_cver=1&google_push=AXcoOmQk2NZbG9KANLiQO4StPXyx-Cdg7I9N4oFMKf-gN8ILBtEw0P8tka_7OlQTMMl5aL3HjAEzBsi0pi5QeuAjZuFqiVI0BH2A
Domain
um.simpli.fi
URL
https://um.simpli.fi/gp_match?google_gid=CAESEBWaQ9T1PvwrOgQjySEj1Pc&google_cver=1&google_push=AXcoOmRozByaJOfaFMOIg0hwZESd4XcLUgbWHtY9EmJjxONhy7-ILKOhvwtb_T44rwPLdhrRc2Zc1CMp96kbjOWWeJPHQGxWyqFW
Domain
tr.blismedia.com
URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDSzzUwcB0llYz0Db2qO1tY&google_cver=1&google_push=AXcoOmSwu9A5GjDaO_xUoEFqPsFbh5hu2JYaPX6_2FVl41QZNbBHQkJm9tlrBnz08TQVQJZ58PLW8iyTKXV162Qyslo9DEGA2zR-
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP8BxhYYdHQiIY1h_uEpyx8&google_cver=1&google_push=AXcoOmQx46e8xLygA3T20MWdEoXAsAbMDGg8ZPwiMHSKQfp8qecMYSYL_6h6C6ACbeBI1a_S1gvtFgzdpb8ruKNdmFSZefmP1nB4
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOIKCmxZSf2M5SwRFgsuJBk&google_cver=1&google_push=AXcoOmSigDuq5VCd1UlMbfuXfchDJWAdJYvBD4nNhbT1WCtHSxWDEbnWj0v5CS0G3yMSgeLkDpAJlgkhrZvw6_jUcDXEqYtzDDKE
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFP9LKJBwPoo0d0Mjgd4lvg&google_cver=1&google_push=AXcoOmTiOVV8kAwF_cnF4Sh1L6N5-SBM-zsFYwI2TEX3HZYbVPbklN08oDSP-yMmg7itM2sYOgHIhPviYoMRAynlPkdQ_IO5XcCD
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFIM4kcfKZjF_naSPindJW4&google_cver=1&google_push=AXcoOmSgqQL4vEZQFUx_O9fdYLvk-0T4Lzs-gajWkM5C1wMzw5cenPZynZNzQqWGssRe2fUMiHtKSnrp8ybk8VnVaq15xYubkMeJ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KiThJh4T7dIQkigYj3YXiFXCPrXr_0KwyWzdh5AiF5b5yPtRLmtvahnPItsav1YhTMYdpT
Domain
analytics.webgains.io
URL
https://analytics.webgains.io/pvClk.min.js
Domain
cdn.track.production.webgains.team
URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1697743909&Signature=o~HLTIdvoI2fxb-pPbL9zc51KUnWut6fSxkHKoBrVrfqAQnjUnMHCsoxXlhYiG8bruPKBQc3YcOLjOlMmjYhF3L0fb8tyCd8tYCWriYrLs~H4QSM7eBnuEPTXWPTKeaOZk247xTmITWwaI9ZmZDvQIYR6SM70nMGxGZ7v-~m9ZcjzzAGTUkpkIEHl5LJZ-OM3HeTy-TVOTqNc0xtRAaAkceDbD171V4Ek6PZapMplPE2QK0Vs8IQSZvKgBM5tCf4yfeoZdBVPBl88rhdslawElanQRL4maFKUZjIASNaqY8oRDcz7xT03eRqSUB2V~eaCwXHFTs0~Yd1uowRT6yx1g__&Key-Pair-Id=K28VXAGA7VWE0O
Domain
analytics.webgains.io
URL
https://analytics.webgains.io/pvClk.min.js
Domain
cdn.track.production.webgains.team
URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1697743909&Signature=o~HLTIdvoI2fxb-pPbL9zc51KUnWut6fSxkHKoBrVrfqAQnjUnMHCsoxXlhYiG8bruPKBQc3YcOLjOlMmjYhF3L0fb8tyCd8tYCWriYrLs~H4QSM7eBnuEPTXWPTKeaOZk247xTmITWwaI9ZmZDvQIYR6SM70nMGxGZ7v-~m9ZcjzzAGTUkpkIEHl5LJZ-OM3HeTy-TVOTqNc0xtRAaAkceDbD171V4Ek6PZapMplPE2QK0Vs8IQSZvKgBM5tCf4yfeoZdBVPBl88rhdslawElanQRL4maFKUZjIASNaqY8oRDcz7xT03eRqSUB2V~eaCwXHFTs0~Yd1uowRT6yx1g__&Key-Pair-Id=K28VXAGA7VWE0O
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDlE0PMhBSwoJclPwgxu3tA&google_cver=1&google_push=AXcoOmSqvlXwo8WY-wqyWBnNxp_jwvQjLQg4aQ2D7O74YAOy3plJJxT8hbVybMJicsjpkBZQouCQDU8KTzNs_bJnVI-bmU6MIDBt
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJ144S-05-PQ9ShUa9dFiYg&google_cver=1&google_push=AXcoOmTJ8SrWjDbNVZ-Hg61TVxl9DcPZ_DEvm_axNfDfu6XK8SbOZZOwul5_g8GrBVdlPRgSSQT1mKbceL--0mFUDEjX9OgkmDdY
Domain
ads.travelaudience.com
URL
https://ads.travelaudience.com/google_pixel?google_gid=CAESEGOtNZhpF1FYPGQAHNFw_Dk&google_cver=1&google_push=AXcoOmQI8TVMhJ3ZR-AcbF6lLT-aUBPBKtMN58EUElcC13RFB0CgvCqRrfYKTl_uhrV78wfdugLRcouDWx4hmXUeqwOLEjflcns
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ-fSUlwXewC9hUYYJQlXaS1uzBpF8hhmT74DIYdKfhIHb9lwKvmcsaRnA2fXHhys0KxS2P2IxnUamWhyMficzAb-NXO2gS&google_gid=CAESEOHyjvxZdULsTA6eWoSsoFQ&google_cver=1
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOklju6lsnlyXBe8Tiiascc&google_cver=1&google_push=AXcoOmQHhArQcYrSv0CMbeFDGXQUq49DEbHhj1G05NC8w-pjbH3iJDUwuadIntsKATZlgpsXUD2ZnU-2H_lH7ShMG31dQo6wLM0m
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENC-Kx8KIgAoJheupSScXpI&google_cver=1&google_push=AXcoOmTh-NU_ad5FNY7wfLbYGu9lldwwj5nMq17z9uNj9cepj3wZQ5A-XJEP7mfIRlJBHhXkpSYEEnEQqCvs-d2FEAZOkti8jsQ
Domain
sync.teads.tv
URL
https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDREbJC-MY8c0SKD7ynyjJI&google_cver=1&google_push=AXcoOmSOJxWEDJB7A89a5qEYwu7yaxhtLEEunzLlhR241T9kjQS_ZuC8vd9Xa1QduwQSWWa_UimqA4pw46H_aWgikzY2ErJ--qTn
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjTgw2aFGWxbkGmGxlFVzhv3Qjyaqyk9e62GFFb847DHMRikr0e-r4tpoi13qO0wb780BBbg
Domain
hal90004.redintelligence.net
URL
https://hal90004.redintelligence.net/viewability?s=46885000141710304444978012482004&a=1f886ba0&vb=m
Domain
hal90001.redintelligence.net
URL
https://hal90001.redintelligence.net/viewability?s=50100700129201004444556012482001&a=e7a25f50&vb=m
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Domain
hal900015.redintelligence.net
URL
https://hal900015.redintelligence.net/request_content.php?s=46628900145680404445002012482015&a=6a83369c
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Domain
hal900011.redintelligence.net
URL
https://hal900011.redintelligence.net/viewability?s=66928400169557904444990012482011&a=d444fe45&vb=m
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAcB2ZyXZXqk3IXomroEWtQ&google_cver=1&google_push=AXcoOmQGs6i2ctP09RP7iYkAJ_5AvmSTO0zQBHw-sEU0-1iJdohIfkUpZ5VPIKxQMew3KgMMrC-CNK-PwR79nJ0RisrmpzzIYmE
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGsYOn-OAmxNNHzqmxBaFr4&google_cver=1&google_push=AXcoOmRS2osiUGpAjLEZ5a7tDQDszY-XlQlQR6DGpNAqiH0NnzMPBUpOjOOL7mPJbBaStrGQkPI-U0B2hgyAQ4Pm7XPixPsXEHIE
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED4-HrFmHkqWYobEPkCj0_I&google_cver=1&google_push=AXcoOmTOnS3hiVKHe7ttdlWTKAVI9OX3e99pFUowVAGxjbQK9klYhYHozcYjjrtTxr_1h7T1oFSqC-4lADpuOmd80Sno2sP4ldt5
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTIcqP_2dFZjSsnTSdlx35oWhO5WWuAvMy6SRK01UkL7FRy4wHt3mNMiQ5h8DdXFYW2SJzgjVe7b1OA5epPv0ltWYtLDw06&google_gid=CAESEBfsLUy0uq6PhfmDtSrbWEU&google_cver=1
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP-eojX7bT9POa0pwEdZYNE&google_cver=1&google_push=AXcoOmSSY2ON6bytb05gipRrIZjH3kaUNheyPYQcB4tEGPM-1_U9AE4DCCxESzL-4oaQGNHEdgs8JBxk8IpSz2WKECI_L6DVoA_r
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKe3yxCunKMOTtJqbX1O_A8&google_cver=1&google_push=AXcoOmSDcL9h3eM6VxYSRD0Bz3eA1RFI033inngimEiHqMIMAxf-EOu9GSPH6vHzELw70TlCJegPzCxnbxX8DwN9_8lj0GyXtfZC
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKe3yxCunKMOTtJqbX1O_A8&google_cver=1&google_push=AXcoOmQiH-2WQDXTebo4DoohU1d8Ra3-VmNMxyHzS7D9B-XUMBoFaXgO73PZobucLHxJ43xbg1D4B_6eZWU9WNMk_T1QPpc38mSd5Q
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzoEK1rlMna4E8gHAuX3mDAdaP7VpQP4WtW5hcAImgRj1cgUfZjGQWrlsLyQMlUl0kyIZl9A
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310160101&jk=3152756793657750&bg=!rK-lr-DNAAbFpEfJ5aQ7ADQBe5WfOEr_OlCqKaWAfd5na6eQZBEB2vD3KUAYB4TgpW9IW0CQLnUIU4Rbd97sMZkkFFjDAgAAAWdSAAAAuWgBBwoAV3TLjMYp8d65jWoZJJoVnoknLn-Ms1Gga224qgs27fsNBkmPFvLINXQugHgYHvU0I6M5YQLUuDSd9vUQ2JpP-iSQCZASajURM-E875poEjNDZSh1ocDSbZkDCPHaRqHnfistZjb00rKNOAlGF-rvtjkpzhX2P92y1LwEohRz4xg_VoS-MIP0wVwPpBoJtIGy8c-XDMW6LFyOAl_cP0Z8-SmV-mpDbVkrRdBUOlS-B9WLWWLG3hBSbcLFYvx-FK84WlHIVJW66VbR0NDltJy68loHzJ4fnqDp4v8AyINTbwWcevukw23h-t1H3JzHGhhDa50Wo8EwHgS__UIAD6OsXip3oURhRDrDKE_XF2ekSexy7WZOHt6rgnjoIpBW59tQGkbM7qPmvkh2YbtJexhTaPMemwGx5dsLZCDjAGMFpPz171H8Vnownk9cH3wLFZ1p15ay04YXs6GpSLoyDQ4DW6CUS0WmKmgKNEWsDwERddqkde1IY7DAJ0rf3C4hLaF8pUdR_r-R35mQUbxtBabzO2_p0VfMDMjhY9cFgbBXNXBt_Ib50VwOkwPYUBMgO_xFSrdroeeCNKdG_83DcZBGmNRZbk7-V8fFQRX2GebrjF1qwE5uScwnkfa-5X02o1gSD7J0anWzNcbI7v5o7PcIKQkZrFLc13_O1gkPwAnDxIHzbChs5Uwa7qlqgI1okrzwrxMcNdWLwcysM_El-ei14EOlANPcP0ssGJ6101xkYoHDdV9V5h3iZGUUA4NtXVViNU8-33t7GK5whr3-7C0LPumzFtoQcMb4QP7Da9RYe7go4EvVORzXo0NmYCEO0RJkM0wIBKuhdB0m1aSTIlUlWjsBfKjIARp38LA7yk_hPKKBMgSp08zlogUAf79ljc6cb83kr6b_qGyF4z0Ysw2KifTaxCQLAgRbN8NIKNJRXWV7Hw54Du-tlkz7nyBD9sVXpDJ1gXLmI4NyN2o7knRwhSwJLx1ItNjJnMKFoM8rAaj1f_sTmFiaPYt5uQOpf70nWJHMql2YPRODZq0klO9b08oFyF3TPp-QyjoyVCTRjbTDnqiE-Gg6eYWAna7KgtQ7JO4wRS0en9LZlJ7RYoFkiwnnki79_oiztsz3akyBGoVkstO66lRKPWQRREYpxRfKV0Dl
Domain
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
URL
https://8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Biz8S-IIxZdGeAoGMlQe_9qeIBgAAAAA4AeAEAg&bg=!7O-l76DNAAZy-tsgUvo7ADQBe5WfOBvAPmygTg3w2rqzXku05WyYhOLFWLdzln9_XZX6KROF_tFMJgC2TAGP9YYfd4KbAgAABCBSAAAABmgBB5kDXl4pEVj0X2oT6z43K1zWOS7hmd4UOUCc7gL3Yk9KVb1uL0kcXpkRxq1xHjAycFWx5ZOPIIqCgCSDVXqPTPG73x4SoGAlc11GO8s6bTZg6vcXcGrdbFmZvR1NIhgGFFYQL9CiEOp_eVTG3hdG2xqV-pHosepl3A70hyIlcQpWcBdg2Z1ObL0aLzpb75oDkiJpDLs4-kOu3AHaN8cRJsW2iytguTjXkvCW4DgOnIibMY4g8-fOykdFovBuQdPLAbfj6KJQRqfwlEw739f0jTQMX_R0PQrKOIo-6BKyPHKNdgc5YG9obnxkxM6XWkWPnLevQqL-DhabLPb5Z9nbSFSAbsGA8i1EFnOaPqbKog7oS49-Dol7JxLIqN3mi5epMD-ew4Qd9d4A_Wjwt04zeJfONphRVhBFh7gBorfyo2qHnkwNE9pbFr6-5Gth00ixsBYTrwDV5FJw7TMNhuAFSMOkA3FGGBvwezmdaxw14n8qAgE3oa7NZ0-Xi8YH9_9G1laNmIiOStGkPx8tOs72tWnAo1vM5qPwP3YFCIZr1qVQoZwN8aeF4-gCEDD5_HqWuaS5Ohn7F8Y26C3NhRJwQxtpGWvthJvWAKKfFtXDh-xQVs5EdQEoYPrS6Z3gLWyjr_t73sktvfTBFHaj2w7_IZ3juKwtF0os5zP62-hh6jfTfTwE6UoPOJ8LyY-0lJrMxGQJ0bIL9TCaxO8DX_e6X8xMl7AWJcHfy2U5yrHu84cyD45mgykYrP_w9dJjJ7wf9ofzQwh3ZvX5Ct42eH-jELgSOLy3faxhZ3niK-SJ-4msydxVJvaBlRa7vjkRa5Pks3Z8Z2Af0OG4y7TXUgsv6xqdKjBUXdUKOkMO0YyUyvoVycwGxKh8WzY82mQzuWVLOLK72TQMYHFm1SQ4UxkPS5ohKlcXsJP6l266ye849W5Q_bh7ouHTPE6xL4MBq5pn0I3FX5WXabo8p0pyHmhxOj8uPIuSS2EPbXlDMn1XbaIE3LFKvGoLL4Y4bGKujbDzVxm8CL6bcjmBVMOjiat1PIX60GSV4Q7ioqUgSRtX7GilnicMjBs9jgiEiBNFDooOjeOkshA3JB92AlriW8ABDG17BV-9tUdp5_aa_TBtLbn2cjDufsm9x8ohDJORTBSurRQ
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bj5_y-IIxZeiiCIuvjuwPx7ejyAsAAAAAOAHgBAI&bg=!vb6lvvHNAAZy-tsgUvo7ADQBe5WfOBIRgtvP7SE0LKxYUYgGZ0CxAVs8V5gh7YkFjqcUEGGreHeLCe7EcuFvb5rBeeavAgAAA9RSAAAABmgBB5kDS_3M19NBR81j8qfxqiy2614Bc603ktkhBdfRqVEcQMwOA6HQd2ArYKgQmZj8z98jT0ZeUbvc4kFCnATfUDxgMiDlseUPp9FgtG1Dv59ASUWtob96ZelHMee6PUr11aDrPwA0KHYAX2ovP34ua8G8OTTxt8qATEa4M7srZ252ia0Q4yPSG9AJ-rXnBQeAo7b3v_YFhgH0RLVpFaUMe9TX7lCRNaIk6rOECx2Fg71HnRe6pNj1a2gKpbjTSZKSmW5E9oBcPpjHvh6diNWK-CG-X6AY_xIxqi2r_8IcKsZeeluBrk3ZIFGKkKFRDgU95ZTWpe9sVvDQ0u3sUnlXhBYtNZ0aukAH13gYWiS-XreYaNFJFfFHohKyLAHZIZelx_Iz6vBeKo6UoFeTcCDRNXONENQyVOUXcOPdgrBPtvv02dDzzCvPkwhVJZxrHiCTSOEpZUaG5R0IAysfiW26MXY2y_fpLfz2cgUZHgtc1WpmzqKLG3om1QLczIcPeaujdB2sk8CXe8EOfWjLh7hhwt0mPmdT26-7FIPhaL1s6aYsmGLMB55_AGrYoOewyV2C61H4kbUV0jdRDboOv8NKOcHY2kkr1AEDLeU9sSsFJZL7_Pyba20iVTVbOY81frP6co53F2Zuhoh3GHX-cD8EQURhISIvldRD1VhWZxmH8k4-evabcv9G7Mv9K48skX8pFmFgYy_48JlR55aWAFuPExMC616fwEDFeenU9_LPzYpR_fn6xjJIKYq7pE0KcznYKHGu50UOLETTIL7XxDM1jOFO5rXB3DH6Ahglp0vf2TuICK0t3D6gvW8BttpXufveLN85mLMZjTFJgOkmN8U5Q4mSrp--SxKSaKDxyW8gz_PjYEhWS0eW8fZZJaCUn7jE4M3qY9yfFrDd36aqfo1ecvrmGSoJmGLY8GX-rD9LYJ_QMSsUBRxfxz0SH-FxBCe7y4ed6QFkylXggEzy9H8tYPXdzTxtMZcNwpBgR2o2BsjRSYraCYbEaEPcm-gDG5psU9JA2Q7llk97ByUyDNrZ6PaQTtB3jr8bPhnjADB9fzdWJ_XnuLGUFMbnujVX-gNm3FEToIWDHQGCely7N9r2RMymctXi5hvxDg0Vjg_dsA
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bekab-IIxZYmiE82TjuwPteyA8AsAAAAAOAHgBAI&bg=!LC-lL2DNAAY5nEQaGZw7ADQBe5WfOINzEDsUcoj-ZYBIFnr5Eyf3WDP6X-vCIFPKWVrAmIo5_FWETf2dVx6uJgPIFZV9AgAAA99SAAAAA2gBB5kDFIOshlCrcyMACPQVChTsERmK-wr4KT3TGFLQ03C4QHooCCycKEycTWupHBN0z3XEOvM9AWEdJWdvMq5d-MiqF9TSKZlnIvFU0wgIlmMKBBRdWkVWWYUduok9r4eXPUhZyINwA4IBQd5c1IEP97-WfFxaddSNFYb9wZzIAqmjhhLLNVrkmhpHDVjW9pI--IH6Qp0SDDYNpS7KxSs0wUo60CLydFQTaBTHxVhCimkKKgb2Iznh4fF8vniDfV7fjQyvAMzgovcXHHmmPjRQuqo6VZZNoRcpsyvD_I9zEs4LcJtyBjGI8tec8VFWLInO9LEfsEGL8wuKW7UXc8thfF62K2VRrDPWjy7gIfPLY3OWp78nb2CYWj161t7yrKbWmc2sZ4OdURP3aViU_cxwgbRDGgsT1kV9zwqLFI19aSkT-0zwphMo63P7v3wyJRxgxy0r2VLwbstxxMDajCRU6Xh-1KZtctqZNBOguU9Au7dFEoLyGxL5LWspIt0aldQZph0lvbYxwxkypRuyRx8aYpuhVTZQQUcvFkGmYOPGp-QwAUjBpfa4NTJzuSYZpC51Q2Z59OLY8G_Cety2us-Rml5xulsSvSBN7rdP42B8cK03ZjbucBzlWoCjTdYr3PNZNbULdrhxgebxyXuB1ylujOfAgbzIpbiV5Mp44ejmuCsqUrVZRMpfFW3uVrwSm3Pn9VKlgEO04egnovvUhVZRJd7GBEyepQCQULJN8YTVnaM-rmic_-7_4JQXWlNIJKcpMtqflf54ERaxraNf9WfmP820DeSbPYHLvsX3jBRenSRny7D7KihwLFFTFsj2iuJayJhQU3LbaC6R0XeyK0xIk-y8svtz9sjvQoOs5QoaDlnGyRH3wKINDLrfhy0NuNmkGAOKGPR5T7li2njMi63Bm7xbL9b2NxonXg_B3Al1oJbep94OtvzxtbkKBRpkIw09C5CZWhul_J4xF6vvyj_AhycfHNlr2DzkkbUJTTq5uwCEhjAmwulJmQjHorM17ethkAVjvsHQfk30944AOnq-WyLdHPvr2_wS
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B402Y-IIxZaWnCt6U9u8P-qWTgA4AAAAAOAHgBAI&bg=!a2ilaCfNAAY5nEQaGZw7ADQBe5WfON5NiA3YpmcVlE_OW_N4D5ymFp5jcqwNkwtfwTCyll0E-ZyFwEyWqZ98x-2HziyqAgAABDZSAAAAAmgBB5kDQFLOm1LuzkjMJL-tw7NW9YZ1sWdI6luimYgR-2HhakfoOShC0TjlIDySkjbzRRC5AH0gfuAllSMb_YAs4LBV2mS_7KkLGTgkobbWxyNTwMiS-SYZm6MuOPQYkuFpfflj_2WQVTbg6yQNCQsVDWxgoekzO8lOuj5vB4B7VIJ39TFGRtcgXitgm0EjzPEsjLlGWYnzdJd7I9F8d8XmTSI-HJL1770PaEKAnobHekmcwh_4qC51_NN-XIQj4PpRWa4czwf-MQ0cRofnxAaqed0dtCVeE1UofMc32BsN3baK6IPiHIn-ctdj0HG5QQzxtyhDO3KPVqNq010LYo_NNJKF5vla23IbSLLzqdk1nutTRuLiwFKT4cLs9PuIA464VuVEidUJsVWF_KGaTCdgoR2z4mNd_G3X6IW9wR06PhtpsBOv57FvdtkaygDcf07LXqoyJSrKbMXVaD785rTkkiU6JWk_h2EE3R-4MpVRMXqJbtQDOeQV1cAEUNKo1UFgLesYZ3qeJXSDqnpa6aKcCB2xGVufzmwQlKYsc-Il5xuWxLTrjvCfzw8xPMQv9tbpTOE8SqP_qaluGpqiWZuI1No7qex4CJ2PiZhuzosH69D1B8E6G6u5-x2POLY7vJPQfcTdkRQLJRRJdja9dRhBrdHx-diqjKkX6wtF5J3c0LGlc2h6O6GLyuwOM-PvhXTA4dW3Fb0k8InDt6yCH8Npu167B_x3NGh44uoHtp4-HBC-fD9tCf_LrnrehScrxLe4gNWsC7raA6HIGxpsaerNdPDCRZnq4wmfLLHNOI1K1gfU6iYkb-j9yh_yKhpUwtF9ufsAxQC10MreJSqVd0ITS4O6-tPmTZGvr74a837tWfTp3NlbXYQkNADEwlSCuwN8GeTjdC2Mk3FLHCZbkaO2JLS65fOJHlVPYVjT6jCsvTQ9gMajKlUEwcFBxTG9SdvBwBxGa_DW5mKbcgKYYt8GtB5tnOI0uZkmMAad-KFFKG_Uw9XSNlv-28Pt8gilc8Q32tEMk20GSw6NOJktvL9Sd7DrJc1r2Rsuw_dJWSqTba5-6hBj9dAvIeZekjSG_67WtPnj14kuK7M_cJBveWZtpJ_wSSE
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYIMb-IIxZeu8F8GIgQekyZrIDAAAAAA4AeAEAg&bg=!19Sl1JvNAAZy-tsgUvo7ADQBe5WfOCWiGC8y8u8O4BntiOHtgaDMM1NGSq1fc5ZtpKw21epMt3yV7IVRDWG_fM8TITS7AgAAA39SAAAACGgBBwoANil-jpLZDJmW0ttK0acT0apuDXSsbd1yWbcDyI58cc0BAaBUReqECwFl0B3wuEbgMd8kepTBhpkDRfM6mDxz4P882Z8fWaUHv5OsxLGXabtoc1_llxINDDp3DASczzBg3Ho_Glsw2t1tgyfuJlBI-NDNO_X4pEpb8dvhEqPK3jb_UjfVWi-GbxwcPp1I9Yra8WTB_hc51uvkUxnKME69OdmHtSeC5VQ7g0B9SR9uMHvs_HaMpY-7Nez_abeKmz143EyHjczgYOGphVLhaeY4pBVrNqy4Sx-tr-d4oBI6c2NHE_FmrT-bnIbo5uff7XskX0mneeeWQNBcWceMSQGoIzqqSFzbE2IeuaCMHowQJMb8t3KZQPBO6W0l1D3qvtY2t86Efn-NPx0idL1cFKAeSeQwqAP1SRhpmJF_Osax94NfIy7fad9cqbnEx3rirRarG_Ax2f0h5P2OG2DVtQfgB2KuJecgwDu3FhFQbZUIaHU37uhm9IuLuz1sqsncDrE8O6C6UFfW1m8XLaW-n4UrL4cszaVI6tYZScY5-33qhhtympmSkb72LFfAhCoeXWWPSdrLnvX2WwtDdnaUtSQworTbUU4QhPOtvRs_i6Hs_pbmpLObjKrTAF3APCt8xZ8zMUJvWnqT0RXFCXW4nRXaG_hXbfTXoxB6d1mXKOaBhYSaUqAmGx9jF9Q9bEfU5DtAIer8nThs8tPZ5Y2vgA3tLCy1-uw4HzZze2lf8Zdea5tTOaKRYDzg_rHONLgljyqgXGTzH6YGdiOnGu8KrSaLyX4Hx7EkAguY-L-e756tGdznXZQNLA89QVG3G3cU82OB3LhaLdnvPcw-MhApwUFYh9Bm1xiiV7gOqx_GEx8MNSGMd5N_SEtBFKuSKQscrNPFuXkK5PTayRTwtGJ2yIDZOPb81o99tyUt8vefhBXUynjBEQsaXsIGAXwrkAajDvH8uCTHzDXJemnCg6lnubWNZLNLawDxPMbybIjT7wYPVhiNbYil4uFcsLwbAKtjpq5KAYYoEMt4X7x1lMdX1K34yQKQDBYT2DsesQsU47hy_lmnn7xpy6s_k8O5xt8D4OCGrAiwfwYmumE_6cvo0rSg_RDqmBmnd0Sh-gfy5kV2JFm05KOx55jzkQtXX72TOr5EV2G6aqiQysBWmbuqC6vsNdv1qKlRMb7BmBWXgOMVEg
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF5ZN-IIxZebLF5rngQf6nqSQCgAAAAA4AeAEAg&bg=!SUqlSgXNAAY5nEQaGZw7ADQBe5WfONklPHMxCVtO00xEP5FU16l7TKY8AK5Gc-J-AATzl4NeRUpP780uC7T5w-rOwotPAgAAA21SAAAABGgBB5kDEZvb42wlkmJ0JDakCstnqgzARUKOIFSg9JFfEDKWLHduIXxHxLikG5Zmk8d0usHr58OWeSmJYp_JDnUhzHBYVYm8ym0ejc-pqtqdaFx1IXerZOAmcHWV8u0d45F_sYpsFSE5tQ6nJVMAnWFbCXr-eyYONDMdr52T8rCV3SxOQ4mQV2Nu-PXUj-pUd3AC5iWc5lZBVcZc6Hj2Wy_ZRTSf3ASB-jopwBgjbuopaoUK8Wn4Ll1pPY5adZhrJnhfQTxLpQIj-pHeqeV9aQ043nNq9vligwHrXz-Q1MMl6Y7AEH5XY8fA_nSL9Nk8noZA5z7xwzNU-KfAcLgeAdp6k4NhGE34fhVjT8RXAclc0sfTBFHSvvCnta7K3wTvdSpGPWOJLc-lKNI_EXYG6F0WZjdEZowAa5lBwIawcsK89M44r4xTJ-oOsnsin5zGYq6TlhW40Hzp1RYsicooSaTkmskZnMtyFF9f22osQj07BBXcNYcCDLVUXXYBtd0uJIgjVXqkfn-49Qpe8ywQETAkqIS37ZRf2dtdGk9ObkGKw5tRj8UBj3Wd7ElePuUhMZBC-mJWMksS9D0VSZZbH1lZGQ_jOZplQOpbxVXkBpyeDmMsOYw4IAf6ObqGei2738u5mOz54Y7wnhn8Z9jRHqfXGAKhWECQvWG4Iq0RDIKhQ_YPa5OsIJ3AWnGw2QJK3tyrzEG6EVnzKa5GNlrlDiyKzKN1UqIRen2GORH59NqQKjkVCxK9JaBfCntyugW3DniUFLPSnubQbad3ZOkaghJu31Wqj3XRn8beydshFQrDs4eqleH15pjIimqaejvd7-lqB4YyLXPPYIM4vYK1YEQqLWv_VZ5h73-75zd1VvAJpDN5gAKaRhyNCA-ZdnfAvZeW9VwK4RHfrCJ1PrGTutl2S3LUAB14-aAunp13DvzqENKeqhFowwjMhvrBqxxlFJnIKEr2uVp2al2uN1-B_zcUSTLl9_gsjauBx05eHXghR67SjHjAe5ypzMD3QVtWlGZ3KozIlo_2ezudaUUVEemh-muvW9ET
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgYMz-IIxZZ-ZGIGMlQe_9qeIBgAAAAA4AeAEAg&bg=!oKOlo-zNAAY5nEQaGZw7ADQBe5WfODM0j3i_k0soz-iIqEh5XyOSyW1ynANiO2wbn1N4svN2ilAPme4Pro1IaRBc0M_pAgAAA2VSAAAAA2gBBwoAO83Qh5HusW5iprnP4PjZjnI8xqax76ynyj5NPfHsBUPgeXD4t_uTdPltJ5lmEqNRLH6JWcZOt-2CieVEmQMMnCh8l6XrNkJdLtNKL4JwSVJjilWj2pE5ROg5QZDRedwoJPxe00_9yRAtgYfrDr5XIyg_YnjGDGq_-DFEHn940xiv9AR4jbQu-DDfWWc8q5LqnxJtiEm7Oq9-5ZoksoyBXzhmF0Fu5ceFtWhTveDa6V3bZyt8l4RGy1JO9yGTCSPgBDbRSaqq-C5yAy729EOxyk3SEzB4B9xd4zcML1BOFo-5Kr_4WDnNdsQFduO3FCGNV8bEMCCxUFLWqsn24E4AubmwTkDBN6ZbOCQ7pk6ZIGQa3S-UkZm0h8F4TaGR1diheEEUbugAfuQJWbsfuYeIGCxRGrAYVJ78KW6wFkivlMuCv3-ZmYjtDltZypjZu05lbzPNz95Je2Y9lDE1qRZ5ikOwUJA1UahdckaO1HCGnk_m71wpagM6b0z0ulR7t-0jnkJeG9a9rzhG0yRUNcp0zIAQVE5aR4F8J2LPkiA0lrnELjW9YLGvPzWijSAQ3VMQJLPBsy9383n2R6O-D-O44bthUwQ0B6mbXh95_Uc2rKIW9lsRcAicct6RJqATnzLKQx2j2sZ5e3jusa3WEfe44eYWVBpdDK7UNG2o1rVbHyFEPdjLVvgmMNOt28tZpWfjIGvgc-d0Fwnu_P0UAdiZDctgeHl6xJ7aM7fMX3gAQcU-Pcybe5HeXEZdLEsesjEiIa2owVLsqzfcwgdWgocHpGGC3AZROHK4l6ZQazxOtfz8yroSfCLqq3L4NgFwzIqBNpZ1ow7hdEuc6qEV_uvsbzq6xRKDaBDn6TpeNP4RalaVrbgs175kprBuAa_22mrbc9YM_Lwjwj5qckkzish3sExpTyE4xbkDQ5fSY5qqqkdfS-vWkMtPgRSa6TBYHFPsjIZo_YasOixKyt-U-kQEmr32KUjYZBMGQl7qQ4wfkawCElVP6jZJWccMYCqaKB146t_zMfv4p96yfRA5iRNWfkQOhQsoVj8UiGN89EgrLXED3IJQTnCRD842S1yqZpQRefx1BwE-pOrvFt89cLOiop7gCGmFNxsX039e
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/a?id=GTM-PLT9M46&v=3&t=t&pid=12222514&cv=105&rv=3ai0&tc=53&e=*&eid=0&u=AgAAAAAIAAAAAACA&h=Ag&z=0

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| dataLayer object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| adoptHideAfterConsent function| clarity object| scriptAds object| head undefined| ref undefined| newBlock undefined| oldAds undefined| newArea object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| adoptApp string| disclaimerStatus function| sendAdoptCommand object| nvg13767 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg string| nzn_x object| pers object| google_llp object| _ilabsPushConfig object| IlabsPush function| getFunctionFromString string| nvg_i function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| naveggReady object| acceptedTags object| PushnewsSubscription object| GoogleGcLKhOms

41 Cookies

Domain/Path Name / Value
.baixaki.com.br/ Name: _ga
Value: GA1.3.634115515.1697743604
.baixaki.com.br/ Name: _gid
Value: GA1.3.2090811088.1697743604
.baixaki.com.br/ Name: _gat_UA-144680-1
Value: 1
www.clarity.ms/ Name: CLID
Value: 40c49435055a4e70831a86b9b609ab26.20231019.20241018
.baixaki.com.br/ Name: _clck
Value: ig0qfq|2|ffz|0|1387
.baixaki.com.br/ Name: _clsk
Value: msb98i|1697743604962|1|1|y.clarity.ms/collect
.baixaki.com.br/ Name: __gads
Value: ID=c62bdc05e2562fde-226f1ad3f0e20087:T=1697743605:RT=1697743605:S=ALNI_MY_aSsPa8NLkQaGrUpgbPraX56xBw
.baixaki.com.br/ Name: __gpi
Value: UID=00000c9cae9eb129:T=1697743605:RT=1697743605:S=ALNI_MYyHPgAYJmd8Ys8zST7YPL2QXD6ug
.navdmp.com/ Name: nid
Value: 1380731dd55d24c918599cd1d910|0|319
.baixaki.com.br/ Name: nav13767
Value: 1380731dd5e85dbe60f411ef5810|2_293
.goadopt.io/ Name: VisitorId
Value: 53e8be73-46c8-494e-b297-62d1d35ffa35
.baixaki.com.br/ Name: AdoptVisitorId
Value: KwZgpgHARmDsIFoAsA2AxhZBOJYFQCYtYEUCATARnJGADM6BDWoA
.navdmp.com/ Name: ac3
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmLQuiyeCdYdQA8phSrp2MQjIJ2DuFBRyQQxsgTeW27YgI25LmnZFYC9EkIHuQ
.adnxs.com/ Name: uuid2
Value: 392768742625793901
.bing.com/ Name: MUID
Value: 08762F8EA1796FC82E303C21A0D56EA0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 08762F8EA1796FC82E303C21A0D56EA0
.baixaki.com.br/ Name: _ga_KDJP529EVF
Value: GS1.1.1697743604.1.0.1697743607.57.0.0
.casalemedia.com/ Name: CMID
Value: ZTGC9.tbuxAadueQhNxrYwAA
.casalemedia.com/ Name: CMPS
Value: 2210
.casalemedia.com/ Name: CMPRO
Value: 2210
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 08762F8EA1796FC82E303C21A0D56EA0
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: APC
Value: AfxxVi47d33zQYDWzoXM9ylK2ixTBpiMTssnWTbsbfw5tjeoeWwunw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImUbF>w4!2(5u(<j<dINiYhTyXnfi8FW/ZrwRLZ+Y5)k>y.)f@[Y?kN#`=gxPB^qeqcp(j#iP(Md+>)fy*:Dmzqa
.csync.loopme.me/ Name: viewer_token
Value: e2beeff2-ab74-4168-ba4a-a671e2740fb7
.simpli.fi/ Name: suid
Value: 1846C4AB97E04A07B56B848F7E514A07
.quantserve.com/ Name: d
Value: EC4BCQGcKoEA
.quantserve.com/ Name: mc
Value: 653182f8-3e071-3d01c-07d25
.yahoo.com/ Name: A3
Value: d=AQABBPiCMWUCEMqAfFJ6SIThc1RmSeqGgccFEgEBAQHUMmU7ZQAAAAAA_eMAAA&S=AQAAAos8m1YYYCOqo_cBByDbcHE
.tribalfusion.com/ Name: ANON_ID
Value: amntuJy4ZawFBA9MAIAno81IUWRZdjMFXfZcNTnE5T2iHo9ZbxiUGFWrjQXZbJf82YOiZbWY4FmRpyei1pN13tl1HnMLEo
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 259e65c302851196
.retailads.net/ Name: ppb2172
Value: 3215468737
.t23.intelliad.de/ Name: iact
Value: 0001F0D073AC3E3815090614809D61EF2D02
.t23.intelliad.de/ Name: iaimp_42842
Value: 1697743609:42842:100:137:101:248:101:20231019192649484479d831bec14f
.awin1.com/ Name: awpv11601
Value: 113440|1697743609|73144bf0-6eb5-11ee-8084-22395667df75
.awin1.com/ Name: awpv11830
Value: 296283|1697743609|73236720-6eb5-11ee-8e02-22641699f1ec
.awin1.com/ Name: AWSESS
Value: 357066:2338577

6 Console Messages

Source Level URL
Text
other warning URL: https://www.baixaki.com.br/
Message:
<link rel=preload> has an invalid `href` value
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEEciOFCMs6abQKY7hTUh0Q&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDpbcS6UZ2WsNlUXcFb6Pjw&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adv.office-partner.de
analytics.webgains.io
bk.ibxk.com.br
c.bing.com
c.clarity.ms
c1.adform.net
cdn.navdmp.com
cdn.pn.vg
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
disclaimer-api.goadopt.io
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
f1d5b4706d692512f1c39bcc60aaa11f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90001.redintelligence.net
hal900011.redintelligence.net
hal900015.redintelligence.net
hal900017.redintelligence.net
hal900023.redintelligence.net
hal90004.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
match.360yield.com
match.adsrvr.org
medialead.de
onetag-sys.com
osp-assets.pn.vg
p.smrk.io
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pm.w55c.net
pr-bh.ybp.yahoo.com
pv.medialead.de
region1.analytics.google.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.teads.tv
t23.intelliad.de
tag.goadopt.io
tag.navdmp.com
tm.ibxk.com.br
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
www.awin1.com
www.baixaki.com.br
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tecmundo.com.br
x.bidswitch.net
y.clarity.ms
8a57521e22c78c5ff63e590de5d92e1d.safeframe.googlesyndication.com
ad.turn.com
ads.travelaudience.com
analytics.webgains.io
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
csync.loopme.me
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.gstatic.com
gcm.ctnsnet.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hal900011.redintelligence.net
hal900015.redintelligence.net
hal900017.redintelligence.net
hal900023.redintelligence.net
hal90004.redintelligence.net
image6.pubmatic.com
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
s.ad.smaato.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.search.spotxchange.com
sync.teads.tv
tr.blismedia.com
um.simpli.fi
www.googletagmanager.com
104.18.26.193
104.211.35.148
104.64.118.247
13.32.99.105
13.95.152.229
138.201.135.164
138.201.63.116
138.201.63.150
138.201.64.38
145.239.193.130
167.233.14.134
172.217.18.2
176.9.26.250
178.250.1.9
179.191.182.65
18.195.155.219
2.19.104.4
2001:4860:4802:32::36
216.58.206.34
2600:9000:2057:b600:18:1fcd:353:c61
2606:4700:20::681a:e8
2606:4700:20::ac43:4637
2606:4700::6810:cf3
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c03::9c
2a01:4f8:d0a:2321::2
2a02:fa8:8806:21::1720
2a05:d018:d29:3601:96fd:90c6:753f:380d
2a0b:4d07:101::1
3.124.138.165
3.33.220.150
3.71.149.231
3.9.163.207
34.96.105.8
35.186.253.211
35.204.74.118
35.214.207.113
35.244.159.8
37.252.172.123
46.4.10.49
52.86.91.163
68.219.88.97
78.46.23.46
94.23.99.218
009c9739e48c0eafb4f5488cb5c7d7ad5b48e87b3f9b83a06d427643354e970a
00bcc5572834607086d56f2b9a46becd2d2680cd026e676d061fea95863522cd
013e2e5681f8d53040b833d9dabcfe94dd73eca378333cb391e53ab665e0a2ab
02b7d7ce6d7b024a8d93d921d013bcdb981dc22cade30f43d6d5906f0f8d7029
02bbeda80ceeb8921f45a12d547bcd54e39948b71c7f172a4f0c825cdc6844db
03f796b40203a2abdb9f039f8226a6251b882996c1a4c39a0221f7cf3f39e2e0
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68
0554bec4e20a358eb902829715a46987e3590ba6c818b49364c2bb067670d4fa
0602336e0a9d0caf9876031607786b5ebf33f3031722078fef6129a6110423e6
0855169915236a960fb4bc92f2cdabf289dc0d4e8a8c28023f5c52bc58dfeda6
09dcaefd024d3b1a7cafa618c82815f1e253ae69e2d79822dfdf50d33034cbbb
0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d199267e69e6bfa9bdbeb33ceadd2e54f323160457e09c7b0ccadc02645da59
0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
122a0624f74f2cc9e4293ee3e3eb8b047af5e289bff81d0819cc4cfe0415f549
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13304966dea0ecfe90373f59ce4ba7dac8b3601904a01c193495ee353409331a
133684e4f424f7b9866abc7d33697dfa6a79ff897a30f0fc2fcbc09dcf241dd4
138cb06ead97c507814a4796b8895249ffa67232c069a761f9e919cc78890eb7
15ab765024d157f18e5648c1a518fc3b16824d8f28e8d62d77fc620f70696566
15c04c666106033cde2dd673fe86441bd509e0f193ef908320cdb3f0339854b2
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
164caa457dfd1aadcbe1951cb25aa55a1d485cfce312c86b13f12db2e602d6c9
175b616d38847e1451a8d93d960619befe774aefeffe27de39ac918fc6981d39
184303b0ce47113ae5387b859f43e9a7b2bfb1ba7c9305959dcc3c35c594334b
1949afdbec8fa5d3e353ee732b20f8555c5002fc1e543b80da3ef0b02264e5ca
1a8f6d1446d2ab21a8237eab6092f2094cb532c9ff6fd6c86c2805ab61a55c44
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b4ab8263744686e9216e11aa5806f58c663f897c2664f81b8ece30ff9b02fe9
1b4cd07aa9e6843e1de76b9e78f00e5b25617b718b3a271814b86b57d967dfec
1b794559b0951df9a06ee583120e1f09f06a8685c3db2b696cd21c9a8c948458
1c4cdcc778d481961b081ea97c2a8d81f2fe211d3f0615e422ca29131c5036fa
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
202e73c36b7b4dad06c758d0aaa40da6f528bf9d4d1b30d4818d0af8429519b6
20dc2a6a39f55cfab55e8a9b3fee0cc77748ee2ddea57d7ff99bbc8c0ac84a2a
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
245b83cb51a26339d611aa7a019a85915b4f0f16eeac1d2fd09605e782043618
24704913e0f4ba9f37f4af868d511e0ca5cea751f6d0858b92e4193dd14999c4
25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337
26a038723744753ccc70f7a637b5412b518bfd03e01030bb0243bb726f2cf729
26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1
28ce9d9e7f46767fe1e863a966fc63a23f858d8e1e8ccc73643886f85ef3f124
2a1643b1e1621b3669f5eb83e9b5ab37610e9d39b1fefa7d700b2d7157dbd50d
2a69a0de1e4d06186c6e072cc966d565d067726886ba29b5adb64e5cd2923f2e
2ae4f0984ee2b7ff1f2bd88655a2683a75da5b3d46628a161d98dde53444041a
2b8ade183340a225b91127fb62b5abf38fe00e9c7e8e011f8b071ea0350bf993
2c5f600911e22b2402bab0da52dcb1f43bb309c9219b411cfda90e45ba994d9e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1a9f32eb0be578f5546550cc9561c6ed8517812c759dd3a981975bf04b0039
302eae0b72f980ef1698257b0d3452a8469f8c3b0754a06ebf3e6f7041eb43e7
3038c3fbf860a0c460ee0ad00e3f7f85c16403322972e5d8107ca72ff4607659
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b
351a8994bad6fe8d6d587a765f38766de10da30f570d6965ec5311e99698465d
36bbf4b3490c908ed266fa0da7fb15eb18e7278509c9bf4f9d8f958d7ce204a7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37c0278d1d6d1922c13591e186444aae7f4ac2c1f6e1eed6ceecbca1981832d5
383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
386526af3be13a93eefef55ac9de45e5b789e26121580fadb6d22376d348f0be
3931b27e9b2d93718c7913fb9d22163fe91d10b9ca157d764c2be739d6bf4e4d
3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb
3c53ad775bdb28fce9a0385cc600f8952d2054ef431b58a2be38faf7a9a32d78
3d0caf6097184ebc9c0c411588575d70bba301da133aef79de9936355b5a4f1c
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
4229ab04b35386232c53ddaddfe60cdae44edda07129671e2a434d5c6d46e1d4
42413772d3607ab5aa44b4b1eeaee98e932f9251724ddaecaf38d00809f9710d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
443546b93e8143c9c77865a9d96fc92e48c36b60ac2f0ed43d380500146a15fa
443e354b86f086967e160ed266eff20cea7a1e0dce02fb789c48695a8c5da6e0
444546703bec872a6d3536da911d204d4085e7906810dc02a42656262d2b758d
444dd4e9680d0656ec483ee5e3f6dcf0594fa3acd772fc6393fa74a5fc942be0
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
46756a2f9fefdd294d7c9223a629ab85e1043ed0e1c5fa742cf3d092f816e28b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ac5957f24fcfbe3f3858d7f973498c6d4695210ca82073811f4ed6dcea5fdf
47fb50f0855c84eb77cfab1ae2017233f412d4aac8014aada761402737843375
481ac16a35740a6159c1b357029f5eada79ae03070c87d2fc232c4103612e525
483029fbbed00780659263fea22a08ff4b65193d2679fdf509c96aac743a3c15
4873f8d4029eaa6252dc89cfb33397204d469176db5c7c13683244d3c6029164
48e9510c5a817c5dae41d98687d85687843c6c2ef0bc4a62a58d76f61f43e8c3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d23f3bae0ca00448172087bf2190cb832b476b82e741c5dd97a27c6374a4514
4d808ebecee94046027c9de129d788231c191bf793583957a4e85f13f02a72e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc69fc749b48c375543b3254543184151fb2215fb4e354df359250481066a9c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
531e70977ab4e20fdc9d3ab47fe345879d0f481d618ec16dd19874ee6c5ae800
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5504382459f6ba7ed50a72936ea40ea4168323251c8315e633ec6dd1bbecb950
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bf1996fdbb44c42658312540c3caf0d903021794e56ba3a25a2a0e9f077a50
5762e9f7ab619527bfe1810c1c5789913e5f64b7c800bb317dbc5ac08eadd40d
57c7b0d36e7ac985ea0af056baff00705336552982bb7974d3eb76170ddd156a
582854b9221a0ee17f876b0468d1b9163fc428e4e45383ac9275d5ce7195ecb6
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5a2a3fb4671b341b7794da7073a6aa91ab8953febb0db83dff4574ad7e25d49c
5c4d8c1d71cb3f06e376df4cb71bdcd950b29f9f84f7a6a7a278c220a480ccd4
5d63412fb6b27f60f969fadc2c9c475386331db2bc6feccce0e90c47597e8929
5e1f9788804e56603b28fd1c5f6d7921742d055c9d6410e70cc968ae26869b5c
5ea940d593abb0842cded2bed0e4917cb80587ae05c73fc9eab30aee5d400852
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
5f3b1de68a7354fa5ece6f8690f51154a5b0db63713acca6553543a15e933547
60af737c59104af32ed30ce00483c81beaa95b9488f886d09994b2d88e22f760
60e7a130977468dd657cdfdb7451bfdd1b2aed628503affbb0d65d9c3b01bf14
612e1798abdd89f6ebd02453e5f80f5bcee4583b21214c5f56470cc2a1fdabb1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623fbeb26821dac65a5562f9baa97e7dfd61c60def731cf8ccbc2bf825b3d3e8
680f4abc07f09237d349e1212e54b1b4ffb3cfe8201e2ac05f368597ac9c4393
68d5ca5aa304636bbd4445292c0ce7b26a8d39d838d2fb90d2ff0edffffc51ab
699b22bae98c1aa425ca06ee71fc333ee4ac2e74f719feca753b36e4c3fd114e
6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612
6bbd742a08994ef0fdf3c3dbe43c97abc31f993e30353472e78cfb647f669234
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cef71fac411461a7c57be6280c7e5c8fe2b3df47d9e5c1a1d6603c381f43df3
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
6f3fc80f9deadc1316f040afc46f06e1798b74bd3f80d0e414dad2effa8a2311
71211473bd0944f642c4247d2b8591281f02389d2ee01136e96f082a101dfce5
7505d7e03d267b06f1f1ce1ab2aa2eeb168acbd9994049a24b42d2016e4c2751
75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177
771038d843b308b2b343a3b4e3b21b5d7a343777cba61729fee27c7a5d4c6d7e
7803924df02278100adb0a24a4913112cf71d74d023fd6379dd958124993537a
7814192023cb69f7a017014199bb2488f493676bad5c1ce5f4cdcfa859bbd8de
791d83d6de49b8dac7d5dd678632ceb3c902eefcf173893e21383f7cd5f30143
79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899
7acd7c240fb4ea525f3e01c254d6efa248f454deca1da12a02426b2faf73b8f6
7db946144ae784e99131c8b61036ae8e4e0a6a5d04dda9baa8cd225a5ea3dd3e
7de7e75a7848ff8222363af83c77681e09c3b2573e3c730778d47f154cfbf155
82dc71c40b210bd3bc017971c0c36a58e387657d30d738812956275d604ce8bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c89840a23cdebc594290a90e1b5b8a36b4cadc98fa23f0840c43d385922ae0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e6bd8c14717d5a1461b156f532045f1131ae5c98849ade2e45d6193c6dbb69
86490ad3f5c6f49a6bfeda2aaca3a92a04951554df5c7b83c3d40392671aa39c
8671fdfce83f38fda3c0911e07b49bf4b7298baef06d71d3b1953dbf09b5ab4a
87b4f1657d1e30b19ee3b393c4678eeeac781512548b1bf19858c758d313ba53
8d230704768b5d2358d010d93a6c9b6bbe42e67befe603e710a6b2cbad945fd2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7b3643b7d5c5a5cc315ae1c4c64351ca66c31884e6703833f17045471eca4d
8f0c96a4c982077c13466c7888b87c23c42aecea9412cf71cba478c67d340e23
926ec479173908c870a4038280c3a892df8c3470e3ba7e15d82a82c8003dc8e0
92fe826d8ef9b9f8c0aa6a2fde75a247b396cd5dc03efd392daa0d8d209ba8ba
94dde8954b8bdd01477a469f9937f279cc483a955f1cc050fd686b3f690bb08c
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
9901b7c7f1b92588bae61817c0e10ea4f46a5c99fd1247fcff1fca704b7e90c5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dbad73a13cd0f34233e0d0c731bd075bcc8a66dffb65769abd17a309977b4c1
9e2e12ff8674a41e0fa4d9ab2b50ea160c0c82a981847b2584a18c6be9c0387d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0cab1ed40a7aa1e4a62f2ae1300e4c91a2f9ec82484b075a503fa9618cd469d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a47ef3d5747219fc5fbfad88863a8d9a451771de8a30a16d9b794a3c77e3beac
a4f24f0c32add1aeb20f2d3af17d643736930f9027a0cce2adae064ee550c49c
aaadcba60ae494e13ec2e8abc57dca8e614e86943782044fb387b7f91d9c3cce
ab6dcdc369826bee6e938dc38494c1efc85f0e315c24e11dc25b5a32c556f426
ae825083480f63e9970c2ec78412906bcdce950a2c976a4b171b3ce530e0ecf9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2d6756e3ee842cf3c54d437d10e997d561e60255f0cbcaa3a70e03580ecd86
afddaa8a919a8a33ced38eeae1ee7bbe21d66458941b560561fe100938148c00
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
b656ab9fe577d14224b0779b2e9629c68a01fe00aa7c96875bfad7ed5b8cec92
b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe
ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c054225572322b7c53367a9abf1138ec393b4d4bf1462ebaefb2be14d5e65acc
c2643e0fc761dfcbd5b4cb072c33fcbd30bcdc73f70b488c4a66de0c6409b615
c280513be5514ce624dc684ba0b33c5e415cdcc3810bbdeb99454533761ec046
c2a0de8afa42cc4bd115906f912c106760f73b108860708ec84e0f008d043563
c432d60812a6b760564df4b46b98cfb666c24f0f61c449f19bfd02a49eed3307
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5bcaccbfad38f670355de3986466a6d4f5fc5c74a874d9f6078365084d3f02b
c9084ca48010030c47ec37e7b2b91f2a4e6974ee5298db9368099b2a2a0aefda
c999d371261d5884f9bea49a3f1051793739b7f8680791a9fd21210e4be4c858
c9cc59f1a54a6a15d83f64d4e84da2750cd868e7a37b1f2bcea7947d90b1e22a
ca0e9d0df1239c65953a8661cc03c1ba420845f5d0fe522a75b4e5612256bda4
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd11611c519a8292e00750c134608f8479e2720d244ebd77e12e6846a1dbfeae
ce0cab8045845ffbf253a8ad09c2957f114e082a60234b6848dbc9d7d08c9d2b
cf18b3cbc63097c6d6feea2156a89b1f6f709d58a57a5ddbba1945188485c123
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03bf52989264bbd0fa6fb8e5a5a77278c8ab1364ae575509a233e56c32e29f2
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d27befe4599dc1d45a66d9cb6425315698eec0f7d9e43eb7803c3c5f4012e31d
d2eacf94143cbddb9f47389da0c2ee35b307fc3cc816bd22136282465486c2da
d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165
d6202bab7af5f082cce152cfba8759e95e4aefa056e174351d40b8013e459fe5
d6acc43aa647e19d541460c4fbc95203b8b306a54ca7f81888d67fba25071dbb
d9486ba165a7c79bac8eb0b2f0b4a6d52227ede424f3ad6a7d001bc0f3addea2
da6e5db23002b9c4c9e7330cc86471da5c47253cba0aeb3186ae8afbf563a49e
db62e35decd4fff416e3df524b8df20393fe84af831dea1ffdb96fbdaef6f7cc
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
dc6a9376154a665147945c07a00560ca80df36ea06949ac8e0a0426c3473014e
dd5b13b9c000b55744f9cd5f0de25af30125eef4101c68a3c94bff012e20cc48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb432bc7d336bd8d2ef4654bb68e6964b9a3f62bedc67d0a95dc6080cbd634
e45f0e3dd3bb35a025c78fde6c6829c2facd5c4057f816057c57c5cb00947ae3
e4b8ff2b5aa4dcd5ff661a4a74b30e225abfb0eefa368f1244b546de7dbee814
e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5be1c07db9d4366b23e49882d488975596437bc5552f05415ee846698263aa7
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e80bcab0fa0113993923833fc0920eb93c1e54a6b1c950a3f2b85263203f6b4d
ea8576643dc7e543a9cc79f38b53a00177c102cfa6e93c4b42ab47e4f1021616
eabd3e9e62dea0c3e2c7540f976cdf699a5ceb9e1592d41d29288666b804edde
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef69eca203e040c5282878fa6a9641e5244da268537cb4a90b74c62ce716ee1c
f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189
f374d3df04867ddfe5c2146d4402b5e171f95345158d21b38ebfaa49e2e9d195
f52166a1db3e3730d58fbb9764242f837f1143d3e709fdd4f29928e6e75de3d5
f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f
f6c1dcfa8f4ebf664f2f7056b68cf19f7e8926ed9617981ea0de9b09907c09cd
f6d3a9d0745779c3f5ecdcd98aca2ca9a4da0b89ec58a2d86236ea7a6eb71bec
f72886187d4ab147378765482f1e450b254c783cd69690fd9dcb5f9509732986
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f7e18472939cdb4778358938e994c1717efd3f096c807e07862f0553b04affc9
f7f00e1b94395c25fb501849ae6047001c868aeb36305678fb6a8974c8fc237d
f9646ba51c6ddd3d78ac601bcf23b29c4a5f97c78a3c25069ad0832909e923e2
fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a
fc5e24bfc2b1d0ea7cf9983b92367e7b56354e70d1dd34f351aecc700d695e38
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
ff6eceb5746c8f1db6c931105e7f1ef2062a7d7adf5355a0359226adda81c6ad
fff2f5d8ef03178ae1a956d4547509c1e591589ef61e5a69f02572d1ea7aed65