URL: https://m.baixaki.com.br/site/dwnld80148.htm
Submission Tags: falconsandbox
Submission: On May 02 via api from US — Scanned from DE

Summary

This website contacted 65 IPs in 10 countries across 57 domains to perform 229 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is m.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on November 8th 2022. Valid for: a year.
This is the only time m.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
play.google.com
goadopt.io
nzn.io

Subject | Issuer | Validity | Valid
azion.com | GlobalSign ECC CloudSSL CA - SHA384 - G3 | 2022-11-08 - 2023-12-10 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-01 - 2024-02-29 | a year
*.scorecardresearch.com | Amazon RSA 2048 M02 | 2023-03-01 - 2024-01-28 | a year
www.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
www.google.de | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
denakop.com | Cloudflare Inc ECC CA-3 | 2023-02-17 - 2024-02-16 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-17 | a year
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-28 - 2024-01-28 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-21 - 2024-01-23 | a year
*.creativecdn.com | RapidSSL TLS RSA CA G1 | 2023-03-29 - 2024-04-28 | a year
aax-dtb-mobile-cf.amazon-adsystem.com | Amazon | 2022-06-15 - 2023-06-15 | a year
*.google.de | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.tailtarget.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-10 - 2023-07-10 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-08 - 2023-05-09 | 3 months
prod-rtb.ad4mat.net | GTS CA 1D4 | 2023-04-09 - 2023-07-08 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
www.awin1.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-10 - 2024-03-09 | a year
*.webgains.com | Amazon RSA 2048 M01 | 2023-02-22 - 2023-07-13 | 5 months
*.webgains.io | Amazon RSA 2048 M02 | 2023-03-02 - 2023-09-21 | 7 months
cdn.track.production.webgains.team | Amazon RSA 2048 M01 | 2023-02-28 - 2023-10-28 | 8 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-09 - 2023-06-03 | 3 months
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2023-03-27 - 2024-04-26 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-27 - 2023-06-05 | a year
*.richaudience.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-02-27 - 2024-02-26 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year
ck-ie.com | Go Daddy Secure Certificate Authority - G2 | 2022-11-12 - 2023-12-14 | a year
*.sharethrough.com | Amazon RSA 2048 M02 | 2023-02-10 - 2023-08-12 | 6 months

This page contains 32 frames:

Primary Page: https://m.baixaki.com.br/site/dwnld80148.htm
Frame ID: 302391DDBCBA54BEBAF003E8DBB8FF0F
Requests: 106 HTTP requests in this frame

Frame: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A8D914C2AEEE5C03052D14C5367C605
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 846BAACAC918B8460B5DAB5AAFA20678
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EF4946277FA5738A775E6282D1BFD40
Requests: 2 HTTP requests in this frame

Frame: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 57E5ABA057036F35203258277EFD1A04
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
Frame ID: AA0D0224A9D83E0770BBD2589EA2AAE1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0120A5FC0A5D68417D442C4FCD843B44
Requests: 9 HTTP requests in this frame

Frame: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 381757778564231AB4E7C2CBCFB6E3C2
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 75EF8E5E31271EAC45B8FA89605EF5A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html
Frame ID: 16FE326452CA807C729094D948413B1A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41B69CB27E5F3FFE81466ADF47E74715
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Frame ID: 83DB7788EC6BA95B31CE89BB85247B69
Requests: 14 HTTP requests in this frame

Frame: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E10D8CD7E0A8BB470EA5BAECBDC19DE8
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6D64A5A5241D5FA75C1142C10CDF8E6D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B2824DE8846116C38E8CCF123ACA4066
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A3E872092A0680B09F62542F1FC91EA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 80922C454DD053738693F7284A7B89B4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: CA5995C3E5CBCD5B2674F9C45895291E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1683028656529
Frame ID: F7D4C8C8910A28D9493F41DBAA279FFB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0A5B46D10F0479F938721524906316C1
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 38F0C3AF7A1D63710F5AF149DB956213
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DA59C94252A9A37568A8DE864ADBE81E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A509BE464B8107F44A5A6553532A674F
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 7E5731A643D012C1BFEFD2FEF421D6F5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003
Frame ID: 089BF0AA89DF51B1A9C8C0A4D371E57D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/d635246b-13ed-537a-9106-d8bff556220b
Frame ID: 335696CEA3B5E006F6DBD6807D74D26E
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 8CF97DED590C47D4B3024D483F800569
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/d53bbcea24218631748f73c483b6bc?gdpr_consent=&gdpr=0
Frame ID: 6B6E584AD18EA4848DE2A64C9A0F36C6
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: B68C159FE16B17707E52533BF0144803
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: F63E5FE482A9817CA3932991E65AA22D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l78OpYpgioL4z3Oqx7wF?pi=smilewanted&tc=1
Frame ID: E89FC03F35941717DC074B5C44E1A1E5
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23dc30795ceb9e9b7e6ccf6e01955994
Frame ID: E8A96B40DF32D159B7D9B9C9FB857589
Requests: 1 HTTP requests in this frame

Page Title

Baixar Pool Break Lite Grátis | Baixaki

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 229
HTTPS: 88 %
IPv6: 41 %
Domains: 57
Subdomains: 98
IPs: 65
Countries: 10
Transfer: 2775 kB
Size: 7045 kB
Cookies: 96

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1899668954&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&utmhid=1877633331&utmr=-&utmp=%2Fsite%2Fdwnld80148.htm&utmht=1683028655716&utmac=UA-144680-1&utmcc=__utma%3D65309810.1368608102.1683028656.1683028656.1683028656.1%3B%2B__utmz%3D65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1940435358&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954&slf_rd=1&random=721413748
Request Chain 16
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=956042501&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&utmhid=1877633331&utmr=-&utmp=%2Fsite%2Fdwnld80148.htm&utmht=1683028655722&utmac=UA-144680-62&utmcc=__utma%3D65309810.1368608102.1683028656.1683028656.1683028656.1%3B%2B__utmz%3D65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1265853331&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501&slf_rd=1&random=3891154091
Request Chain 20
  • https://sb.scorecardresearch.com/cs/8756095/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMb55QORF66XAw62di0gB_8&google_cver=1&google_ula=862479430,0
Request Chain 114

229 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request dwnld80148.htm
m.baixaki.com.br/site/
10 KB
3 KB
Document
General
Full URL
https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
d37980d6a0752486b74c6f2bcbe0b2103d483b95a3ae75771dfc707a0ec437fd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 02 May 2023 11:57:35 GMT
expires
Tue, 02 May 2023 12:02:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding, User-Agent
version
2.2.0
x-html-minification-powered-by
WebMarkupMin
site.css
m.baixaki.com.br/css/
25 KB
7 KB
Stylesheet
General
Full URL
https://m.baixaki.com.br/css/site.css?v=4
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
5ecad85ba6d1d687611e9cfa6edcf41c56b8b7cee19ef6d0576d07472e130741
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/site/dwnld80148.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/css
date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 19:06:07 GMT
vary
Accept-Encoding, Accept-Encoding, User-Agent
version
2.2.0
app-item.css
m.baixaki.com.br/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://m.baixaki.com.br/css/app-item.css
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
40b42d6022c4e565866f1eb69501ca2d778a6ce082e93dabbaf1cd48c5080e6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/site/dwnld80148.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/css
date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 19:06:07 GMT
vary
Accept-Encoding, Accept-Encoding, User-Agent
version
2.2.0
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 11:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 11:28:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 11:57:35 GMT
logo-baixaki-top.png
m.baixaki.com.br/images/
2 KB
3 KB
Image
General
Full URL
https://m.baixaki.com.br/images/logo-baixaki-top.png
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
00b311cf6ee96aaddd21025cb368be72f70a5cd97cad47941ade03acc937ea86
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/site/dwnld80148.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 07 Dec 2022 19:06:07 GMT
vary
User-Agent
content-type
image/png
accept-ranges
bytes
content-length
2480
version
2.2.0
80148108-t100x100.png
img.ibxk.com.br/2014/3/programas/
0
0
Image
General
Full URL
https://img.ibxk.com.br/2014/3/programas/80148108-t100x100.png
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

loading.gif
img.ibxk.com.br/baixaki/mobile/
11 KB
12 KB
Image
General
Full URL
https://img.ibxk.com.br/baixaki/mobile/loading.gif
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx/1.6.0 /
Resource Hash
ea4f299f6035001d8e1e584888c3d6c6e89ae48096e1ca64b839448e0947c9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
last-modified
Sat, 19 Jan 2013 00:00:00 GMT
server
nginx/1.6.0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
11763
expires
Tue, 09 May 2023 11:57:36 GMT
jquery-1.11.1.min.js
m.baixaki.com.br/lib/
94 KB
38 KB
Script
General
Full URL
https://m.baixaki.com.br/lib/jquery-1.11.1.min.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/site/dwnld80148.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
application/javascript
date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 19:06:07 GMT
vary
Accept-Encoding, Accept-Encoding, User-Agent
version
2.2.0
site.js
m.baixaki.com.br/js/
154 KB
62 KB
Script
General
Full URL
https://m.baixaki.com.br/js/site.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
4e7ff3797f4673e422a31c93c85e2c671ebf0dd7d9abee78d9cca235995dd60d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/site/dwnld80148.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
application/javascript
date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 19:06:07 GMT
vary
Accept-Encoding, Accept-Encoding, User-Agent
version
2.2.0
app-item.js
m.baixaki.com.br/js/
14 KB
4 KB
Script
General
Full URL
https://m.baixaki.com.br/js/app-item.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
800f50c30e94bd92c70f9e105f12d6527e6981e65c86dfd783ee5e36051ab99a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/site/dwnld80148.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
application/javascript
date
Tue, 02 May 2023 11:57:35 GMT
content-encoding
br
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 16 Dec 2022 13:22:50 GMT
vary
Accept-Encoding, User-Agent
version
2.2.0
bg-apps.png
obj.ibxk.com.br/layout/bxk/
123 KB
123 KB
Image
General
Full URL
https://obj.ibxk.com.br/layout/bxk/bg-apps.png
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c21b5d2f74f838c453f21552eaae3430653ad239f37649ccc4ffe4e0c0248ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
last-modified
Wed, 03 Jun 2015 17:41:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=30
accept-ranges
bytes
content-length
125697
expires
Tue, 02 May 2023 11:58:05 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 May 2023 10:10:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6428
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 02 May 2023 12:10:27 GMT
gtm.js
www.googletagmanager.com/
200 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8db21618a9b67b34683779177e55e947db5310147e5afe9fead137a3fad12e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72467
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:35 GMT
survey
survey.g.doubleclick.net/
0
0
Script
General
Full URL
https://survey.g.doubleclick.net/survey?site=_cpl5wfr5cso2mmrpmnko7pmj54&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&cid=everything&random=1683028655629
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

sprite.png
m.baixaki.com.br/images/
8 KB
8 KB
Image
General
Full URL
https://m.baixaki.com.br/images/sprite.png?v=2
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/css/site.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
00b5373ee48dfd578575f418691e30f66462ad7b31a57e9893e63269469de9b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/css/site.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 16 Dec 2022 13:22:50 GMT
vary
User-Agent
content-type
image/png
accept-ranges
bytes
content-length
8090
version
2.2.0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://m.baixaki.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
280040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:10:15 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1899668954&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bai...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954&slf_rd=1&random=721413748
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954&slf_rd=1&random=721413748
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=1368608102.1683028656&jid=1940435358&_v=5.7.2&z=1899668954&slf_rd=1&random=721413748
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=956042501&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baix...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501&slf_rd=1&random=3891154091
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501&slf_rd=1&random=3891154091
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=1368608102.1683028656&jid=1265853331&_v=5.7.2&z=956042501&slf_rd=1&random=3891154091
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=397926856&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&utmhid=1877633331&utmr=-&utmp=%2Fsite%2Fdwnld80148.htm&utmht=1683028655724&utmac=UA-144680-1&utmcc=__utma%3D65309810.1368608102.1683028656.1683028656.1683028656.1%3B%2B__utmz%3D65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 18:57:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 May 2023 11:37:22 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1213
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 02 May 2023 13:37:22 GMT
hotjar-592798.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-592798.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-121.prg50.r.cloudfront.net
Software
/
Resource Hash
460e5ff18b16e85877db74b95404cf2e30e8d89b5e1bfeb694c5e39dede0c28d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
57
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/4daf21314f4477979086ce7cf3ec0b48
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
bW2qhnz41IuGTCsYTIbVGYQzt5_e29x8ILwTCq-JoD17t5OPgtTY6w==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/8756095/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:54:14 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 10:02:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
202
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
IlxoHQ74X0-gbMrsOLqwstshGcte9LtsQ6t5uIwOGtxxlzQRM6vozA==

Redirect headers

date
Tue, 02 May 2023 11:57:35 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
LlKjn626KBeGohVAaJ2tN9smCz2pmDLn3wwk3kyXBLgLNRs8rWl2mw==
injector.js
tag.goadopt.io/
213 KB
76 KB
Script
General
Full URL
https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
231efdc2dcdb86739c1e30a68d44cdfee6780005e38beab1430257eb8e9fed0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 11:57:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ofKXfw%2FIHq%2F07p9%2BPjUbw%2BKFQ9%2BjC%2BpM6WiCLKlnoJ6xfciIfPZqQv%2BJJtilRyKHGhuFk5X3bn47g1R3aUZyDchmKm6FTvMVN6lToECj0X1bnk5yLa98qvrljueF4KOLFpooLXupFog5qWc"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
7c10166aefc2b7af-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 05:40:38 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
22629
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
VdY7BoshYJ__Ukq4k6YIVh_mSeg9ncvXYB8sKgxiX2sclIQTxCLCmQ==
js
www.googletagmanager.com/gtag/
221 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87a150659e20187e7b5d266fc713f4ec612dd4d33818fb5576069109257dfd84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79306
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 May 2023 11:57:35 GMT
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=8756095&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683028655821&ns_c=UTF-8&c3=11&c7=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&c8=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&c9=
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
39qyWYMcidVkCPKvGxV5RpvLP8GyoRZH-0WTbPj4di-lh3Bn0Oefcw==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683028655821&ns_c=UTF-8&c7=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&c8=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&c9=
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:35 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
92Q0WV45s66mQTOOZ-4w5k8mc3rfThD9HBMELsft7PnDKpMvIkLXlg==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1877633331&t=pageview&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&ul=en-us&de=UTF-8&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=65309810.1368608102.1683028656.1683028656.1683028656.1&_utmz=65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683028655836&_u=YQBCAEABAAAAACAAI~&jid=1838084716&gjid=211198833&cid=1368608102.1683028656&tid=UA-144680-1&_gid=1564098374.1683028656&_r=1&_slc=1&gtm=45He34q0n81TFCS6ZG&z=1865341199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je34q0&_p=1877633331&cid=1368608102.1683028656&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683028655&sct=1&seg=0&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
149 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-144680-1&cid=1368608102.1683028656&jid=1838084716&gjid=211198833&_gid=1564098374.1683028656&_u=YQBCAEAAAAAAACAAI~&z=215486427
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.50a80ed62b384955a8b2.js
script.hotjar.com/
263 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.50a80ed62b384955a8b2.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-592798.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 11:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
348688
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69259
last-modified
Fri, 28 Apr 2023 11:05:08 GMT
etag
"64d5841f997872b89ef043f224290bdf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
3_a6Wnv3ZlmNkvqNYBsi9OF_HXX6n0OcAGBUiQ4WrmbNsA_JUEZ0Xw==
ga-audiences
www.google.com/ads/
42 B
118 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-144680-1&cid=1368608102.1683028656&jid=1838084716&_u=YQBCAEAAAAAAACAAI~&z=1931767526
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-144680-1&cid=1368608102.1683028656&jid=1838084716&_u=YQBCAEAAAAAAACAAI~&z=1931767526
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=4&utmn=2005973066&utmhn=m.baixaki.com.br&utmt=event&utme=5(Baixaki%20Mobile*Acesso%20Novo*)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&utmhid=1877633331&utmr=-&utmp=%2Fsite%2Fdwnld80148.htm&utmht=1683028655920&utmac=UA-144680-1&utmcc=__utma%3D65309810.1368608102.1683028656.1683028656.1683028656.1%3B%2B__utmz%3D65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 02:06:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35445
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://m.baixaki.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
279291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 06:22:44 GMT
icones.ttf
m.baixaki.com.br/css/fonts/
4 KB
3 KB
Font
General
Full URL
https://m.baixaki.com.br/css/fonts/icones.ttf?7ea0yb&new
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/css/site.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
/
Resource Hash
4d2a47d125984cb65570ba5d9c2ccab7bdc761f53805e2689a02945aea3f55f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://m.baixaki.com.br/css/site.css?v=4
Origin
https://m.baixaki.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
application/x-font-ttf
date
Tue, 02 May 2023 11:57:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 13:22:50 GMT
vary
Accept-Encoding, User-Agent
version
2.2.0
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6fcc18117e7df031fe4dfb71d2e7e8817b040c3dcac44e7887a8f056f43e50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24810
x-xss-protection
0
server
cafe
etag
36 / 19479 / m202304270101 / config-hash: 6125404096776407943
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 May 2023 11:57:36 GMT
tm13767.js
tag.navdmp.com/
16 KB
5 KB
Script
General
Full URL
https://tag.navdmp.com/tm13767.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a0fd951162d31407960cf0f5769fad30a4f0ffc979c1e43c7d5384010e9be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 20:04:20 GMT
server
cloudflare
age
1014
etag
W/"62c49944-3f99"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7c10166c3dad0a63-AMS
expires
Tue, 02 May 2023 12:40:42 GMT
denakop.js
tags.denakop.com/10571/
44 KB
12 KB
Script
General
Full URL
https://tags.denakop.com/10571/denakop.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d016d4214b91ecdd5d37e1e7d447a5996aa354a960099c057bdf45dd1325bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 01 May 2023 15:07:30 GMT
server
cloudflare
age
2937
etag
W/"644fd5b2-b1a6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7c10166c4e170e3b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid.js
tags.denakop.com/
272 KB
83 KB
Script
General
Full URL
https://tags.denakop.com/prebid.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10571/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 17 Apr 2023 14:43:23 GMT
server
cloudflare
age
2202
cf-polished
origSize=279167
etag
W/"643d5b0b-4427f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7c10166cae730e3b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
m.baixaki.com.br.js
tags.denakop.com/10571/
217 KB
38 KB
Script
General
Full URL
https://tags.denakop.com/10571/m.baixaki.com.br.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10571/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f02bfbd027a0b20c406aa84a5741be53cd3bd343378a246fd58c8ef5e3d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 01 May 2023 15:07:30 GMT
server
cloudflare
age
1061
etag
W/"644fd5b2-36459"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, must-revalidate, max-age=3600
timing-allow-origin
*
cf-ray
7c10166cae750e3b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/
227 KB
56 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/10571/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:45:42 GMT
content-encoding
gzip
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
715
x-amz-server-side-encryption
AES256
etag
W/"e301ce991ef543783521cd0156a962ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
yf37e-jOseogiV1oHhbKK2fyWqtUXnutF3eiOE3V2Jid-i3MeN0AYg==
api.gif
tags.denakop.com/
0
365 B
Image
General
Full URL
https://tags.denakop.com/api.gif?a=10571&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&t=1683028656148&cb=0.5278451633527965
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7c10166cfb4e1caa-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/
398 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 08:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
13810
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126154
x-xss-protection
0
server
cafe
etag
17925783384364415813
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 01 May 2024 08:07:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
912 B
442 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f83e7bdd0aba37f486a70e60c8c62a0c2cee4ab21ddf2d1a106b7a1185094148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
417
x-xss-protection
0
expires
Tue, 02 May 2023 11:57:36 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
311 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fm.baixaki.com.br&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:27:22 GMT
via
1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
age
1814
x-cache
Hit from cloudfront
access-control-allow-origin
https://m.baixaki.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
3ggFpJE09NKowgHULCmSSSgcI7FIiWGDoOmXCDan-srxcMFt04j1Sw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
date
Tue, 02 May 2023 00:08:24 GMT
x-amz-cf-pop
PRG50-C1
age
42552
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
sDnu0SSvWkLfw6r1TB0jbQpUoB59kaKj6VMPmliy0n4XK2v5wOPVDg==
prebid-request
onetag-sys.com/
15 B
364 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://m.baixaki.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb
cpm.denakop.com/
0
263 B
XHR
General
Full URL
https://cpm.denakop.com/hb?zone=166150&v=1.6
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:36 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://m.baixaki.com.br
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
fastlane.json
fastlane.rubiconproject.com/a/api/
9 KB
6 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10571,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.baixaki.com.br%2Fsite%2Fdwnld80148.htm&tk_flint=pbjs_lite_v7.11.0&x_source.tid=f2058b6d-a27f-4944-a8ca-2b06bf631618&l_pb_bid_id=69ac2817468707&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9403060256651159
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
99e693b2d51406f7e2869ac6d883b4bcf260ad0974ec46cac9f1a1ea3f65f146

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://m.baixaki.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/
0
310 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7c10166f0ccb363b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/
139 B
951 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
28985fbb2c37a0914533d7eca9cfe9a695448e5c543f5223fb95208c896c3e07
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:36 GMT
AN-X-Request-Uuid
9a34acd3-8718-41c5-9445-b99249d2338d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://m.baixaki.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
171 B
558 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://m.baixaki.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-us.creativecdn.com/bidder/prebid/
0
179 B
XHR
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://m.baixaki.com.br
date
Tue, 02 May 2023 11:57:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&pid=xTAbByHFHUDGl&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22denakop-single-horizontal-8d25a894-8cfe-4d01-94e1-481c3205b57e%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%2C%22728x180%22%5D%2C%22sn%22%3A%22%2F21715141650%2C36373682%2Fm.baixaki.com.br%2Fdesktop_horizontal%22%7D%5D&schain=1.0%2C1!denakop.com%2C0%2C1%2C%2C%2C!google.com%2Cpub-8170966538152543%2C1%2C%2C%2C&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:36 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
Z5KC3JYAZ20MW05TYVT3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://m.baixaki.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
h1iNM0y8IOrDeTipsZYx3Ig2h3GsTsD7yoSt8TJJpyaXd6BEup_TTQ==
api.gif
tags.denakop.com/
0
226 B
Image
General
Full URL
https://tags.denakop.com/api.gif?a=10571&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&t=1683028656791&cb=0.503085301171873&aa=horizontal
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7c101670f8001caa-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
986 B
545 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3707403826669692&correlator=3790419690710913&eid=31073385%2C31074224%2C31071325&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fifs&iu_parts=21715141650%3A36373682%2Cm.baixaki.com.br%2Cdesktop_horizontal&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180&ifi=1&adks=688589747&didk=958823179&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26hostname%3Dm%2Cbaixaki%2Ccom%2Cbr%2Cm.baixaki.com.br%26pathname%3D0%253Asite%2C1%253Adwnld80148%2C2%253Ahtm%2C%252Fsite%252Fdwnld80148.htm%26placement_name%3Dhorizontal%26keyword%3Dsite%2Cdwnld80148%2Chtm%26tier%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683028656968&lmt=1683028656&dlt=1683028655561&idt=675&adxs=315&adys=173&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=20&vis=1&psz=1600x146&msz=970x0&fws=0&ohw=0&ga_vid=1368608102.1683028656&ga_sid=1683028656&ga_hid=1877633331&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0225d56d9142252a3c817fc11a31c3c57dccec9613ee67f08a6c844738754b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
515
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A8D
6 KB
3 KB
Document
General
Full URL
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:37 GMT
expires
Wed, 01 May 2024 11:57:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
get-consent
disclaimer-api.goadopt.io/api/tag/
141 B
797 B
XHR
General
Full URL
https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
55230a3b5bd244b408bedc6012103388c4c07bcab8c59e82e8dd57f21bdd4625

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"8d-ahp0FpMKTJ+IIARgOWKGFufWa20"
vary
Origin
access-control-max-age
5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://m.baixaki.com.br
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP3rXUBBNPIXYlB6ymAZCCL01PqC8Bd5h2AkPbzGzQm1mECd%2Bo%2FE0fJWP8Cm7iO%2FDVREfvG2UvHTDsVj6I66CLxQ7PJpjBIQ0zGUWgAA%2BxpKuutkiLZoPugP%2FFQ1zapneGccsYNdZ0u6R735q%2Fx0WdkvzKZHWjI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7c101672deeeb7af-AMS
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN
usr
usr.navdmp.com/
77 B
311 B
Script
General
Full URL
https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf38eeed0dff1432d21a4835eb1ebdc3b5523927ee47f08dd455d3436c3785ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7c101672dde30a63-AMS
expires
Tue, 02 May 2023 12:57:37 GMT
req
cdn.navdmp.com/
6 B
77 B
Script
General
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=12a3d088dc81ea731f757ced5b10&acc=13767&url=https%3A//m.baixaki.com.br/site/dwnld80148.htm&tit=Baixar%20Pool%20Break%20Lite%20Gr%E1tis%20%7C%20Baixaki&utm=65309810.1683028656.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29&h1=Pool%20Break%20Lite
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c101673ef510a63-AMS
content-length
6
content-type
application/x-javascript
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b346ed81a0ea9a0de3dc31497aa1474745028342089af00a8b105466c7346f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11174
x-xss-protection
0
t3m.js
tags.t.tailtarget.com/
73 KB
21 KB
Script
General
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
952601ea2d50d1ed25402dd09ed8363a5c5ec2db978611902b938355cca3c30d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 10:21:01 GMT
content-encoding
gzip
via
1.1 google
age
5796
x-guploader-uploadid
ADPycdtT_dIfLr7JZ8-aZbyWl_3nwiVuD1RciQ5Q7OUr7N8j1XokCYXREUOEVS6jcnY149iG1FLeSjQtLkuBvopo3ldeqOSDxh3z
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21236
last-modified
Tue, 11 Apr 2023 17:26:14 GMT
server
nginx/1.8.1
etag
"8d242bfc70276e9b827cbc9217e0fe74"
vary
Accept-Encoding
x-goog-generation
1681233974827693
x-goog-hash
md5=jSQr/HAnbpuCfLySF+D+dA==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
21236
accept-ranges
bytes
expires
Tue, 02 May 2023 12:21:01 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1877633331&t=event&ni=1&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&ul=en-us&de=UTF-8&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&el=10&_utma=65309810.1368608102.1683028656.1683028656.1683028656.1&_utmz=65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683028657525&_u=aQDCAEABAAAAACAAI~&jid=&gjid=&cid=1368608102.1683028656&tid=UA-144680-1&_gid=1564098374.1683028656&gtm=45He34q0n81TFCS6ZG&z=1252721962
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 03:06:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31861
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1877633331&t=event&ni=1&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&ul=en-us&de=UTF-8&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&el=25&_utma=65309810.1368608102.1683028656.1683028656.1683028656.1&_utmz=65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683028657530&_u=aQDCAEABAAAAACAAI~&jid=&gjid=&cid=1368608102.1683028656&tid=UA-144680-1&_gid=1564098374.1683028656&gtm=45He34q0n81TFCS6ZG&z=281362647
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 03:06:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31861
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1877633331&t=event&ni=1&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&ul=en-us&de=UTF-8&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&el=50&_utma=65309810.1368608102.1683028656.1683028656.1683028656.1&_utmz=65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683028657533&_u=aQDCAEABAAAAACAAI~&jid=&gjid=&cid=1368608102.1683028656&tid=UA-144680-1&_gid=1564098374.1683028656&gtm=45He34q0n81TFCS6ZG&z=861710417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 03:06:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31861
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1877633331&t=event&ni=1&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&ul=en-us&de=UTF-8&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&el=75&_utma=65309810.1368608102.1683028656.1683028656.1683028656.1&_utmz=65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683028657536&_u=aQDCAEABAAAAACAAI~&jid=&gjid=&cid=1368608102.1683028656&tid=UA-144680-1&_gid=1564098374.1683028656&gtm=45He34q0n81TFCS6ZG&z=804120305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 03:06:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31861
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1877633331&t=event&ni=1&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&ul=en-us&de=UTF-8&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&el=100&_utma=65309810.1368608102.1683028656.1683028656.1683028656.1&_utmz=65309810.1683028656.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1683028657539&_u=aQDCAEABAAAAACAAI~&jid=&gjid=&cid=1368608102.1683028656&tid=UA-144680-1&_gid=1564098374.1683028656&gtm=45He34q0n81TFCS6ZG&z=2137827390
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 03:06:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31861
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
conversion.js
d.tailtarget.com/
15 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 10:39:31 GMT
content-encoding
gzip
age
4686
x-guploader-uploadid
ADPycdvb50hTKJid_FddC_LTREeo1HAHPXuJS1Gc_H_-CmEg8YLQV6e5tUHdXJ_NTtvW8USEg0w73pO8ioS-4vubk4yvA5DDb37z
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"1f6a2c178b385e908b632664e93aed26"
x-goog-hash
crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation
1663611635525811
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
expires
Wed, 03 May 2023 10:39:31 GMT
js
www.googletagmanager.com/gtag/
182 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12fedf908d68f07888968f65afb795d3bb306db0ad62b4049ac2bde764259008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67148
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:37 GMT
js
www.googletagmanager.com/gtag/
204 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d88fc1552deb07be4ffa4176fb52f3e926d5f99c7b3a0e699d1c43d7230c6c42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73012
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:37 GMT
js
www.googletagmanager.com/gtag/
204 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbc0ae1b1d89d23d2e0860e277b02d59c14d7aa06f386548b8323bf53ef06f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73039
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:37 GMT
js
www.googletagmanager.com/gtag/
204 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd4d791b12af73d93393e25a098386a3f84d8d51373f9d04effa026ec74c87d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72970
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:37 GMT
js
www.googletagmanager.com/gtag/
204 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d197399afc44acb8f57a747675d005299100fd1bd9578fe5be2c69bec9f1bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72981
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:37 GMT
js
www.googletagmanager.com/gtag/
133 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd9d49240ec3dd8220d9bec37087e20f70e5a0083e909989846aefb92f0a3c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52098
x-xss-protection
0
last-modified
Tue, 02 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 May 2023 11:57:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 May 2023 11:57:37 GMT
base.js
d.tailtarget.com/
20 KB
8 KB
Script
General
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 07:44:46 GMT
content-encoding
gzip
age
15171
x-guploader-uploadid
ADPycdtD6Mq5gergmwSZMDI9h2KNP5O3O739Ng2HCXJshi8nGhNizR5vf1uhRjntuN2nQV_eampFX83tNTKP3ns7zjFVIA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash
crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation
1663611635449519
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
expires
Wed, 03 May 2023 07:44:46 GMT
trk
tt-9964-3.seg.t.tailtarget.com/
70 B
692 B
Image
General
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-baixaki:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1683028658&tM=direct&tL=direct&tN=direct&tY=3&tZ=931802779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
u
b.t.tailtarget.com/
54 B
498 B
Script
General
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c98154a351cb3532c7c90220babec9c5e13224ea445d3b40e27f8db7352f582b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1683028657718&cv=11&fst=1683028657718&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&hn=www.googleadservices.com&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&auid=1145051249.1683028658&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
320eb3ec664cf8c66f844314f1831a5f74f22b64edd2751e3b5960b658754a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1246
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1683028657739&cv=11&fst=1683028657739&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&hn=www.googleadservices.com&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&auid=1145051249.1683028658&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84e3c47380d4c264f6ca6d42ddd2166675f00dc1b848c5237c00b6fc892eda73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1683028657759&cv=11&fst=1683028657759&bg=ffffff&guid=ON&async=1&gtm=45be34q0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&hn=www.googleadservices.com&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&auid=1145051249.1683028658&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16493ff1a37c6fc0a90d4ac5fa859cdc07109cd0129479708bbdd44c2a157d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 846B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 09:19:08 GMT
expires
Wed, 01 May 2024 09:19:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2EF4
783 B
971 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2817f7c6472f798c94f648e3b79454d305b0ea102814458c0f7fd1fdeb8f50f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4g_QwuGcM6nIDw_0KGzzZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-4g_QwuGcM6nIDw_0KGzzZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:37 GMT
expires
Tue, 02 May 2023 11:57:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2EF4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304270101&jk=3707403826669692&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 846B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 02:43:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
119638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Apr 2024 02:43:39 GMT
/
www.google.com/pagead/1p-user-list/814785950/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/814785950/?random=1683028657718&cv=11&fst=1683025200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3903312858&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/814785950/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/814785950/?random=1683028657718&cv=11&fst=1683025200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3903312858&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/AW-931232517/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1683028657759&cv=11&fst=1683025200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3516663258&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-931232517/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1683028657759&cv=11&fst=1683025200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3516663258&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/801247112/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/801247112/?random=1683028657739&cv=11&fst=1683025200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4057995162&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/801247112/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/801247112/?random=1683028657739&cv=11&fst=1683025200000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=0&tiba=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4057995162&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
b.t.tailtarget.com/
107 B
569 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=2&tU=0100007FB1FA50641D07263802607525&tX=b.52&tZ=600210965
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4006c92ab0c9597c71e66c2858b5ae456f83f19dcf17ad05294ed9bcdcf930c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generate_204
tpc.googlesyndication.com/ Frame 846B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?31_C-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ca
tt-9964-3.seg.t.tailtarget.com/
83 B
119 B
Script
General
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=948835713
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
1bf2d844067fa5866f8c004c548f3a30fa9dc0ad9f75e45bfcec1b3543cea1f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
26 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3707403826669692&correlator=411689907910475&eid=31073385%2C31074224%2C31071325&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fifs&iu_parts=21715141650%3A36373682%2Cm.baixaki.com.br%2Cdesktop_horizontal&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180&ifi=2&adks=688589747&didk=958823179&sfv=1-0-40&ris=1&rcs=1&prev_scp=dk_refresh%3Dtrue%26hostname%3Dm%2Cbaixaki%2Ccom%2Cbr%2Cm.baixaki.com.br%26pathname%3D0%253Asite%2C1%253Adwnld80148%2C2%253Ahtm%2C%252Fsite%252Fdwnld80148.htm%26placement_name%3Dhorizontal%26keyword%3Dsite%2Cdwnld80148%2Chtm%26tier%3D1&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fm.baixaki.com.br%252Fsite%252Fdwnld80148.htm%26category%3Dandroid%252Cpool-break-lite&sc=1&cookie=ID%3D69eb4c63df95d1ac%3AT%3D1683028656%3AS%3DALNI_Mb93-D-Ka-oMuIGeFccWlzc53gzTA&gpic=UID%3D00000bf3daf5cdfd%3AT%3D1683028656%3ART%3D1683028656%3AS%3DALNI_MaW8V-Yla9FoUv8X4lpAAdVmydBBQ&abxe=1&dt=1683028658091&lmt=1683028658&dlt=1683028655561&idt=675&adxs=315&adys=173&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=20&vis=1&psz=1600x146&msz=970x0&fws=0&ohw=0&ga_vid=1368608102.1683028656&ga_sid=1683028656&ga_hid=1877633331&ga_fc=true&ga_cid=1564098374.1683028656
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08eccdcf52995ae6ae72572c63ba61057f68b074e4367b6815224e8d4c00e6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11882
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
91 KB
29 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3707403826669692&correlator=411689907910475&eid=31073385%2C31074224%2C31071325&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fifs&iu_parts=36373682%2Cbxk%2CFooter_Leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100&ifi=3&adks=2893152812&didk=1909334734&sfv=1-0-40&prev_scp=refresh%3Dtrue&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fm.baixaki.com.br%252Fsite%252Fdwnld80148.htm%26category%3Dandroid%252Cpool-break-lite&sc=1&cookie=ID%3D69eb4c63df95d1ac%3AT%3D1683028656%3AS%3DALNI_Mb93-D-Ka-oMuIGeFccWlzc53gzTA&gpic=UID%3D00000bf3daf5cdfd%3AT%3D1683028656%3ART%3D1683028656%3AS%3DALNI_MaW8V-Yla9FoUv8X4lpAAdVmydBBQ&abxe=1&dt=1683028658097&lmt=1683028658&dlt=1683028655561&idt=675&adxs=650&adys=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=20&vis=1&psz=1600x687&msz=1600x-1&fws=512&ohw=0&ga_vid=1368608102.1683028656&ga_sid=1683028656&ga_hid=1877633331&ga_fc=true&ga_cid=1564098374.1683028656
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e18c5c33022a44f1a3a15ea5a4c3c4a8ac25544ff7adc7da64f809fd1dbe101
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMH2w6rK1v4CFf3JuwgdcSACjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12528182951009058816/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMH2w6rK1v4CFf3JuwgdcSACjg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12528182951009058816/index.html
date
Tue, 02 May 2023 11:57:38 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr
www.facebook.com/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 May 2023 11:57:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMb55QORF66XAw62di0gB_8&google_cver=1&google_ula=862479430,0
70 B
373 B
Image
General
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMb55QORF66XAw62di0gB_8&google_cver=1&google_ula=862479430,0
Protocol
H2
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMb55QORF66XAw62di0gB_8&google_cver=1&google_ula=862479430,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/
43 B
299 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_weimar_thuringia_de_1683028657955_2997014920&tJ=CA28766,CA15795,CA15771&tQ=par-baixaki,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FB1FA50641D07263802607525&tX=b.52&tY=1&tZ=655520547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
container.html
f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 57E5
6 KB
3 KB
Document
General
Full URL
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:37 GMT
expires
Wed, 01 May 2024 11:57:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 57E5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEblnsvpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEgwJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHduil9oaLr3HnmzukHy1WZWErZwvVaYVAAXdjBbSzDEPWyO-XnSx4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=Fg8ZZhC8sI8&uach_m=[UACH]&cid=CAQSOwBygQiDZhAkVc3zZq9kHpqewTtaWrXhA7BTEbne0yA5bYD0a2mPkQr5oTh-2CIS6PWfG7BQ3NkBsbw-GAE
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

winResponse
prod-rtb.ad4mat.net/ Frame 57E5
0
0
Fetch
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g89d56bxvc7vm214xyvn6629mtzt7c68p79fxcap11yrhyse2vnecmpb5ah1q5me5yk0q3sd9e8h2cmxj95nc47671t7s298zdvf8r2fen24266n90na9m32nrjq9sz2qrz827n6pde5qtajnva03dyrnarwt10nd6cyc34enmsk6zywgf372frhhrxr1kheaje4hkfx4y200c8jz0dkt1bwv2wzazetqec15j91mtw69f92w860j710f7n8maa1yf3qrptc6nqwx5me1vaq1t31yxz1chd2mawhss553v0nxtbwt62wxrzxbp87asp9r35y2kd62mt2ce9c88pgkyjpsvhnyk4f6p81g53d68sd8f3h7hpzk7ef0nwndhmagegnmvz8fm95j8&b=ZFD6sgACnBgIu8kAAAEJuTgC0fIUlnx95hFJcg
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 May 2023 11:57:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame AA0D
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfea029b539065e96352a9af0df513bebc1a0bd1833185a4fac0b3d8ad5f95d8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c10167b2f8bb74c-AMS
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:38 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 57E5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 19:52:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0120
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 02 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 57E5
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
57136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:05:22 GMT
l
www.google.com/ads/measurement/ Frame 57E5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQugrdiELQSV-OaGIOgBi7Y9POlEdVU2hgsNaAOuDXVb32e46AwxzuiIJ9fN96APF2kTTpJ8YVDy3urEEhPXJ4ya9Pm7w
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 57E5
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
231691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Apr 2024 19:36:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 57E5
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 11:57:38 GMT
truncated
/ Frame 57E5
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc0b19854c48bc3048327aaff88e2375f85e02b7dfc648bb9a0467778999427a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0120
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mm5VbnFuWkgxUFRPRHc1&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cver=1&google_push=ATf1kGP1_n86VYt7UR1pde57N29bigdjV8xagiW8obKjvCe...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mm5VbnFuWkgxUFRPRHc1&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cver=1&google_push=ATf1kGP1_n86VYt7UR1pde57N29bigdjV8xagiW8obKjvCe1vN-e8acFbmHyW0FqMVcHsX18LM1gSL74QM-vJbfCNuYDrx2OOhc
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05e7e34dc077f730b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mm5VbnFuWkgxUFRPRHc1&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cver=1&google_push=ATf1kGP1_n86VYt7UR1pde57N29bigdjV8xagiW8obKjvCe1vN-e8acFbmHyW0FqMVcHsX18LM1gSL74QM-vJbfCNuYDrx2OOhc
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0120
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENP1wU749KRPfyT4HO7IyMI&google_cver=1&google_push=ATf1kGNmiJfmLBE4_RUrzvVqmF2NaIZq1hyEEilxSqo2S_FxyDc8OsZAO6f43p2MzUe7o1JQ0_abi2jvDN3...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNmiJfmLBE4_RUrzvVqmF2NaIZq1hyEEilxSqo2S_FxyDc8OsZAO6f43p2MzUe7o1JQ0_abi2jvDN3IGjoDlTTpK0jnXoE&google_hm=wZH54s4uS3mTor4NM32-8Ig
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNmiJfmLBE4_RUrzvVqmF2NaIZq1hyEEilxSqo2S_FxyDc8OsZAO6f43p2MzUe7o1JQ0_abi2jvDN3IGjoDlTTpK0jnXoE&google_hm=wZH54s4uS3mTor4NM32-8Ig
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGNmiJfmLBE4_RUrzvVqmF2NaIZq1hyEEilxSqo2S_FxyDc8OsZAO6f43p2MzUe7o1JQ0_abi2jvDN3IGjoDlTTpK0jnXoE&google_hm=wZH54s4uS3mTor4NM32-8Ig
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0120
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMTXbulPsIBfw-i8TtCJzWk&google_cver=1&google_push=ATf1kGNG0yJXIvneLzemk-23tNJWpBxUGgFveLsm-36q-5mDE3BBrUS1JcWGLb6dymGhs9O7cu5zQcSkpmW-FDLANUm3ki6...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNG0yJXIvneLzemk-23tNJWpBxUGgFveLsm-36q-5mDE3BBrUS1JcWGLb6dymGhs9O7cu5zQcSkpmW-FDLANUm3ki6yea-w&google_hm=eS1ZVExNaEgxRTJwSEs1R0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNG0yJXIvneLzemk-23tNJWpBxUGgFveLsm-36q-5mDE3BBrUS1JcWGLb6dymGhs9O7cu5zQcSkpmW-FDLANUm3ki6yea-w&google_hm=eS1ZVExNaEgxRTJwSEs1R05uSmk0NUhJRUQ1Lm00VlhFdH5B
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 May 2023 11:57:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNG0yJXIvneLzemk-23tNJWpBxUGgFveLsm-36q-5mDE3BBrUS1JcWGLb6dymGhs9O7cu5zQcSkpmW-FDLANUm3ki6yea-w&google_hm=eS1ZVExNaEgxRTJwSEs1R05uSmk0NUhJRUQ1Lm00VlhFdH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0120
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA6-A9c1w_64TcFbxT97jJM&google_cver=1&google_push=ATf1kGMBh8jKjR3l6t2b8-QaiGzVJB7aGEYzkhIblt_9uX6UysvfDDimrbaywSI6m9EU40lzUWo...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg2N1QyTjAtMjQtMUxZ&google_push=ATf1kGMBh8jKjR3l6t2b8-QaiGzVJB7aGEYzkhIblt_9uX6UysvfDDimrbaywSI6m9EU40lzUWo27sq5e_DPrKFARb_1jnYt8etG
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg2N1QyTjAtMjQtMUxZ&google_push=ATf1kGMBh8jKjR3l6t2b8-QaiGzVJB7aGEYzkhIblt_9uX6UysvfDDimrbaywSI6m9EU40lzUWo27sq5e_DPrKFARb_1jnYt8etG
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg2N1QyTjAtMjQtMUxZ&google_push=ATf1kGMBh8jKjR3l6t2b8-QaiGzVJB7aGEYzkhIblt_9uX6UysvfDDimrbaywSI6m9EU40lzUWo27sq5e_DPrKFARb_1jnYt8etG
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0120
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELQvnzsh1n8W3_CkyNHajRM&google_cver=1&google_push=ATf1kGOjHIxkeEcsmxvbAM9zTrl2Cpxr3FRSHPwdrRshl4fqtwG_Olhq5Q-1b1lNpZbH6R6Ofm...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELQvnzsh1n8W3_CkyNHajRM&google_cver=1&google_push=ATf1kGOjHIxkeEcsmxvbAM9zTrl2Cpxr3FRSHPwdrRshl4fqtwG_Olhq5Q-1b1lNpZbH6R6Ofm...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CMC5HVE1WRTJ1SDVwa2NIeFVIc0o1b09UQTY3eVNuZn5B&google_push=ATf1kGOjHIxkeEcsmxvbAM9zTrl2Cpxr3FRSHPwdrRshl4fqtwG_Olhq5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CMC5HVE1WRTJ1SDVwa2NIeFVIc0o1b09UQTY3eVNuZn5B&google_push=ATf1kGOjHIxkeEcsmxvbAM9zTrl2Cpxr3FRSHPwdrRshl4fqtwG_Olhq5Q-1b1lNpZbH6R6OfmaV2bpZ0_moI-H0rGKSLf5IuhJ3wQ
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CMC5HVE1WRTJ1SDVwa2NIeFVIc0o1b09UQTY3eVNuZn5B&google_push=ATf1kGOjHIxkeEcsmxvbAM9zTrl2Cpxr3FRSHPwdrRshl4fqtwG_Olhq5Q-1b1lNpZbH6R6OfmaV2bpZ0_moI-H0rGKSLf5IuhJ3wQ
date
Tue, 02 May 2023 11:57:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0120
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEEsYMGavwzaYN0IQnZ_W0LI&google_cver=1&google_push=ATf1kGPV1ajs-dfmgFRDnNNFVoZeagFuukeB4NTonCRMFVV2_lxdTpoVT8EqlyQgAhmsHjc2Q30sCCQXiWWuVUwEexaoCEyuQHZA2A
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGQ4NzQ5MDctZGVjNS00ZDMzLTg5NzAtYTc0MDQ3MDI0ZGM0&google_push=ATf1kGPV1ajs-dfmgFRDnNNFVoZeagFuukeB4NTonCRMFVV2_lxdTpoVT8EqlyQgAhmsHjc...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGQ4NzQ5MDctZGVjNS00ZDMzLTg5NzAtYTc0MDQ3MDI0ZGM0&google_push=ATf1kGPV1ajs-dfmgFRDnNNFVoZeagFuukeB4NTonCRMFVV2_lxdTpoVT8EqlyQgAhmsHjc2Q30sCCQXiWWuVUwEexaoCEyuQHZA2A
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NGQ4NzQ5MDctZGVjNS00ZDMzLTg5NzAtYTc0MDQ3MDI0ZGM0&google_push=ATf1kGPV1ajs-dfmgFRDnNNFVoZeagFuukeB4NTonCRMFVV2_lxdTpoVT8EqlyQgAhmsHjc2Q30sCCQXiWWuVUwEexaoCEyuQHZA2A
date
Tue, 02 May 2023 11:57:37 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
0.gif
id5-sync.com/i/495/ Frame 0120
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEKvA1nvCCMZ5yd37m-qDUjs&google_cver=1&google_push=ATf1kGM3bnrj2Je8He9DQXnAoa8fIzqiXw1Hk5wecwB3TqsHhkV_gGPDJUpScyEFxulJYjulUhcTGf-kYdJ9pZ7_OmmhFigllFjOpg
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGM3bnrj2Je8He9DQXnAoa8fIzqiXw1Hk5wecwB3TqsH...
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGM3bnrj2Je8He9DQXnAoa8fIzqiXw1Hk5wecwB3TqsHhkV_gGPDJUpScyEFxulJYjulUhcTGf-kYdJ9pZ7_OmmhFigllFjOpg
Protocol
HTTP/1.1
Server
141.95.98.65, France, ASN16276 (OVH, FR)
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 May 2023 11:57:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Tue, 02 May 2023 11:57:38 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGM3bnrj2Je8He9DQXnAoa8fIzqiXw1Hk5wecwB3TqsHhkV_gGPDJUpScyEFxulJYjulUhcTGf-kYdJ9pZ7_OmmhFigllFjOpg
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 0120
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InkwbSMeQQ7ojVWaKEf08dh5inQZ97RzPyso1XuldNLb4tG_koSab3eLNC4lVBUV1Yz1oT47kk
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame AA0D
94 KB
12 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
607976
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvGlv5MOuidbyAqoyA%2FhvZnczOlku3j29ipdykVxMI%2Bb925CpDsZTEtjVVGZa4M3AgUyQekxSS2cCHE0fwJha0IrfLKlRtiT1ZEuQG2mG%2F2PGkCUgk3hsiJM%2FFZGhq5W5pwSHHL7LzE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7c10167b6fc0b74c-AMS
expires
Tue, 02 May 2023 12:57:38 GMT
r62eglto.js
ad4m.at/ Frame AA0D
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598310
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qJmnIXDaAsPGFDuwhEhTX5%2FLEX7J%2B4icXugBXp%2FySNT%2FNzvNDMz38Qpr9Y3i3BSyPvQ1RXn6kQgkKkUW2UrVLVhUpyDw9ZPVWGMShE5TmTyEwZbgcMS%2FAfGLYhm9nhz78sU6yY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7c10167b7fd9b74c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Apr 2023 13:45:45 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=m.baixaki.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
152 KB
44 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3707403826669692&correlator=1258659915018630&eid=31073385%2C31074224%2C31071325&pied=Eh4KHAoaQ01IMnc2cksxdjRDRmYzSnV3Z2RjU0FDamc.&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Cinternal%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=2792147645&didk=1038626840&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fm.baixaki.com.br%252Fsite%252Fdwnld80148.htm%26category%3Dandroid%252Cpool-break-lite&sc=1&cookie=ID%3D69eb4c63df95d1ac%3AT%3D1683028656%3AS%3DALNI_Mb93-D-Ka-oMuIGeFccWlzc53gzTA&gpic=UID%3D00000bf3daf5cdfd%3AT%3D1683028656%3ART%3D1683028656%3AS%3DALNI_MaW8V-Yla9FoUv8X4lpAAdVmydBBQ&abxe=1&dt=1683028658475&lmt=1683028658&dlt=1683028655561&idt=675&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1368608102.1683028656&ga_sid=1683028656&ga_hid=1877633331&ga_fc=true&ga_cid=1564098374.1683028656
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
e7fe0dbf42bb17ee2d1eb7b0d8a2e018d12a7b8e14adc56039135be64b4361ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45371
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/
36 KB
12 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
80f1595fac8533602972e58936d3892b9248be914bca4ee576f1e5a6b3ad441c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 05:22:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
23726
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12713
x-xss-protection
0
server
cafe
etag
5704173258635054644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 01 May 2024 05:22:12 GMT
container.html
f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3817
6 KB
3 KB
Document
General
Full URL
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:37 GMT
expires
Wed, 01 May 2024 11:57:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304270101&jk=3707403826669692&bg=!lZallsLNAAb9Sbh13Uk7ADkAdvg8WmbntqqnOtYGsNRIoInBt5BEEBhlR4rt0zhm0XyWAUD-QT4jklwbgQodEWyWbjyBBH1mUIQCAAAAU1IAAAACaAEHmQL-fRKUF-bugzrHPmhae5rCooaFyY0ALoVgTExt3Jhz9erRS4-_h4nPdM9e9Wk0vTC34QQ7U1WwesNElItYMTL1hwZH2b1J2Myz5jfF8-GEQvPhKiNZpDx4h4VlSn5YRltV-49xjKxSjgR7_0rQhZOFFPlsyNxYi_SNn8vNJufVymvpXDvtEtPWjHwrCqg4-ls0UQ3KOf5pWnR9WcMjMv7MH6NUWlCB5Udsl2qxCkTrUxdYu5JZ2mjbaO2PnHhEO-JO6XwxNEYatN5114u9ooUMV0nt3_cZlsa0zTcaRt8JBNHi0JCLnOOQF8ttBwXmevjMf0Nv1XIBe1UCuJdtuKYRAIAElowhiOnOlhf6gjJT9rhk8WAwIySX3Fb2vifyNTGSFPci3tykJ76y6nMZEtcrbph9k5MyBlUyvY_AslxAhyFDssYnC3qOwMoC4-1ksFf-XnisTTvApU4Tce74wfcWhlhNwX3BCBALhLd3KSDiKvgDnXE3ha3CIkturDQueoUMtqhZbIsEbUpuYieNw7cEQIObHpgIxVYpt3kheYbjypdtzK9qKvcgqnH4Q0cjgOlGe-m2_WwWv25rzMmbXy_lTo3zGswkYKXQP1TCzrbAoJ_8UVqI-uOeDjX9iSStNi0YuOFbP1ppWB75GdrGIF-77sX1OOyVhoGr2xp3oFd0NBuQ1XM2SAHNd86HuDjoE4Cg8F4q6xaabNM7vJJi842mFPFQaS4-VFILiBjqKnIc-_Syr3sTMlRWztn0MH3NTrTuEfgHZS3ZnOtaf7jHhOlExgPTBedR9b95mGqyzJUz2L3KY2A-6unf7r1WaAljaZBVpNjxb3O5q2nAKbfiYM7i2g0OgWExLEhQIkQKf8UQjW9Z9QrbOAR0hTPwzxUlLgNZmRZXV9j0_Fv59ydvVwX_iVK-HXXeGzJAwcA2xL1IJ7aPd_CuaUFWS5a_s03h_7k2QK0gsnmOnmuUdPnJkvsGeqktcHDudqmn90ZrYx8uxbHNu-QEGGVk6_GeINroxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AA0D
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28353446
x-guploader-uploadid
ADPycdu1epvJr-hkR0gEPNNkxkoAuCA5IzwXtlznlzwiROKHq6mxs_pPklSJLedu9ec_0EKiTQAtGl1Kxzii8c39ByiQQw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHhzPhx83G8mrU7f%2BP92AGmg3nlyIneI20SYCLMWcyanfGuypQ4HTEjEalyfuQjExPLBeejgnZrueZ%2BBGVnoLLa50vHc1Keb8iJrJjvln1U4LRIavxGsKsFB1UYxRhVjUpeVIPR4AEZNmoomPon3731a"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7c10167c7b98b740-AMS
expires
Thu, 08 Jun 2023 08:00:12 GMT
frame.html
ad4m.at/ Frame 75EF
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1619163
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7c10167c1db90df4-AMS
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 02 May 2023 11:57:38 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9MBcM9LTfIIKAqLb1t2MYLMh1Lx5%2F3AQbxpwEmiQQ7jJg0zHANNE4v6P5rZeYFbROBtLskr%2FZmtIIcZENGesTLHougiUGQHudjju2M9pxjOVJrTNi0i9C4xnF1f%2F0ifDx%2F8JRc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/ Frame 16FE
660 KB
42 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
8c4e3c47ca0add4147cc8bcd28aa5ec442ffec96577d3e635b036d274489adf2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
150713
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
42963
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 18:05:45 GMT
expires
Mon, 29 Apr 2024 18:05:45 GMT
last-modified
Thu, 22 Sep 2022 15:06:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3817
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzZWFsvpQZMHVCf2T7_UP8cCI8AjxvdO5aYn73bWXEKDpu8H0ChABIMKm1htglZKbgqwHoAGkpa_FA8gBCakCtGBzZwkZgT7gAgCoAwHIAwKqBPoBT9DLkwWFq465ZnIEjRIflVKvvQpg_ydCc7QwfYyNjPR7cAujVqAtk4U0oYnIFF3BMzzkyWyYxGO7oOPI8dwhegPdl4xDz7AJUKrjJAcZO9MHw8hND7tAUjAdk3IcmKv-5CdC5Frnnsn0sKOFYxQxc4lPJVrh3DKnMdbYLvjz_j6k1BR4H1LZ4ZLtypfyrcACajTIKoGxpp6gJFbOQfEfr9rmwvWrO18zo3W89UELxIFTqPKp6sOj6yo-0JLlaG1ifZM1r8ajPTfVaCcOBGLagR2RZCXKKMWhNRe9xyaaZYcZ2p5rpJRNMdZTaqaAWyM3TS4orUYQJHa7Q8AEy6r9vJAD4AQBkgUECAQYAZIFBAgFGASgBmuAB8Ta0DqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQjvAB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi03MDE5MDkxMDk0ODk2MjYwGNLAFg&sigh=xF784wVR4C0&uach_m=[UACH]&cid=CAQSOwBygQiDW3Fx9w0iqRgwFF_U0jwkqkKMGPZwBznJPD1nsUHScG16etlkVd9-p1CXGknROzSf0smDsgTCGAE
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

s
googleads.g.doubleclick.net/pagead/drt/ Frame 41B6
143 B
247 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2886
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:09:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 3817
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 3817
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
57136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:05:22 GMT
css
fonts.googleapis.com/ Frame 16FE
1 KB
592 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela+Round:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1534344dda8e3b65a0fb279be33a2d106126fbdd97ccaedefe4928ce86926b4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 11:32:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 11:57:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 16FE
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 03 May 2023 11:20:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 16FE
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:15:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
2521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 03 May 2023 11:15:37 GMT
l
www.google.com/ads/measurement/ Frame 3817
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUHvg_wT41K32Wjk9g4wX95IKs22mbjBpXBAf5UkqMv5D6CXYeMUvZq3h6Eb8iJdqlADTdQj_WHXIfpyqqkjsdsmnKpg
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3817
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 11:57:38 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 41B6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:38 GMT
expires
Tue, 02 May 2023 11:57:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3817
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3133161cb1f2ed0df595bda4d36917a85b516014d2297bedbb6fa2f40197f410

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v20/ Frame 16FE
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/varelaround/v20/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2044a0abfd7b116f6d091d6d9227a5720bd4848519cd38d274b2a3a9356969dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:42:38 GMT
x-content-type-options
nosniff
age
245700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21808
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 23:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 15:42:38 GMT
sprite.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/ Frame 16FE
102 KB
102 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/sprite.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12528182951009058816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02f0f3fc448e232dd14ca99c4d3644fd5ba142001842d3ffef4d9e472f1316d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 29 Apr 2023 23:04:34 GMT
x-content-type-options
nosniff
age
219184
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104641
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 15:06:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 23:04:34 GMT
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c10167ce9260bc2-AMS
content-length
24
content-type
text/plain
date
Tue, 02 May 2023 11:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aQH4w1Sk4inyHhT35AKGB86WnjTRHO6Fysii%2BQCMVj0%2F6XU1%2FrEM6Zt4kyMr0BBtQb9MjGqJSgnuNxGny1jIdR%2BhmrEfaletgWsSr7%2BUAfiRERxdYz3KoKGrNipfvGyqDlzzQs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-zfc5
rs
ad4m.at/ Frame AA0D
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b407efc2e1ea9864e5ed20c960b332b562393bb362715d732de544e3fddefd

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Qf4rVyxBvFkuQuIXRziVEvUj5ekS4EeayqLTMi96hbocciuP9DFgmgZ38FTXc9TpvrtMWD6vJqgK6mGT3TaPMUlZaIsCh0JkF%2F9AgTraYr9U2UYH7fylZ6LWJRloDbte6nmpvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7c10167d196c0bc2-AMS
x-backend-server
aa-reachservice-group-europe-west1-zfc5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ Frame 16FE
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
12856227160862211542_722015651813646760.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
8 KB
8 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/12856227160862211542_722015651813646760.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16cd457d7787a36177abdb6e7947f1bd28c8f449e0fa353a4be8a6eb2b47a78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:47:59 GMT
x-content-type-options
nosniff
age
220179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8328
x-xss-protection
0
last-modified
Mon, 20 May 2019 19:19:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 22:47:59 GMT
7931128540167907395_3488332315121845029.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
11 KB
11 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/7931128540167907395_3488332315121845029.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1e37126e2d40caebc2c2d9628d161ccbc2590451a87be43249a9c84c5101e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 04:16:32 GMT
x-content-type-options
nosniff
age
200466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11452
x-xss-protection
0
last-modified
Sun, 18 Nov 2018 17:01:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Apr 2024 04:16:32 GMT
12407430278564887901_1697777050336446539.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
12 KB
12 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/12407430278564887901_1697777050336446539.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:01:12 GMT
x-content-type-options
nosniff
age
219386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12497
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 19:25:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 23:01:12 GMT
11610533020931758660_15253680244015698082.png
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
18 KB
18 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/11610533020931758660_15253680244015698082.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
519413f4fcbdcf6da3d3ab9b343b364732ff7f0321141d659f259c8f09f29efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:44:57 GMT
x-content-type-options
nosniff
age
220361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17942
x-xss-protection
0
last-modified
Sat, 30 Mar 2019 17:20:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 22:44:57 GMT
16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
5 KB
5 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:32:50 GMT
x-content-type-options
nosniff
age
239088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5025
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:02:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 17:32:50 GMT
13911327140193796911_3987520054666488292.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
9 KB
10 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/13911327140193796911_3987520054666488292.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc43dede6f0925b41f9d936148653ecba57505049abca867ba3d6a58f09cab05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:54:23 GMT
x-content-type-options
nosniff
age
219795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9560
x-xss-protection
0
last-modified
Wed, 23 Sep 2020 16:04:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 22:54:23 GMT
rar
as.ad4m.at/ad/ Frame 83DB
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbccff95738e52ef1f40849c39458a053e6bf7b91b1170dd4b149086be947b6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c10167d6f590df4-AMS
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:38 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 83DB
94 KB
12 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
403093
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVkP%2BKtLQIHyXmmz3laLHs7F66TYZf%2BOtyxysySCNfibPoqDH1n4jpu4vMsRHeTsN%2F3xBJUhrq7wbU9R9YeBguuEFv2k%2BjWK%2BVGVGmrBBUflo%2B%2F5GDHhkbfy%2B5BJD6qceg5Cw31cwpQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7c10167dbfb00df4-AMS
expires
Tue, 02 May 2023 12:57:38 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 83DB
4 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fc10baa9c6fa8d98acac31beba1be0e8f688344f243dea838b5b03e8566a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
457522
cf-polished
origSize=9357, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4429
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CypGMvCSFeB8vBcB0W8e1QIkhMxxBgUfR%2F8su1j4lvrGGBNArc2073NcIWAWqlLmWhWCwTXvq0y%2BVvBjvMjhJ%2B4kUzzi8dSCWfpKpu6TFI17lGRyPME7cEaiqfobyXKn7UxcqPG%2F1Y2AAKmP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c10167dd9fbb74c-AMS
expires
Wed, 03 May 2023 11:57:38 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 83DB
339 KB
340 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
316650
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJlutYMLi5vBxjCPrDGGoukCstQWpSSZkw7GQvRcgqhxLJk%2BtlH%2Ba8f1WqWltA9IMlm73qOqKPjxESicouM%2FFbk0xGFDnHagDAsujniI1CVydHktoZcse9qddf%2BYjKI%2FSucbMw9%2FXwmO6WUi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c10167dc9f6b74c-AMS
expires
Wed, 03 May 2023 11:57:38 GMT
cshow.php
www.awin1.com/ Frame 83DB
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:38 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 83DB
53 KB
54 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
316052
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkWEpPeqJQUDZQYi%2BTxXHlKMnVVi8AR3L69hhmWJ79zrHB%2FVNOyxbRWfjOIp5LfYAC5C4lBbqcFfS8TK%2BOZocXh3cVhqM5z%2B72n38iKA%2FLHow2MTwna822w%2FioYunnJI1De99aZEKc51VByl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c10167dd9ffb74c-AMS
expires
Wed, 03 May 2023 11:57:38 GMT
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 83DB
59 KB
59 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
505125
cf-polished
origSize=62182, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59907
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPQJd9rRHUEIo9kao5w1LZ1FPn0VejlSCQYtkniyjYtOhi65fQXoxY0FwcmeJIsiN%2FpvG4TWO5GFyWrUcA3E4G62kGxdOPfEykOzzGsMB4oYB1C2dDsPczJon%2F92y8OjVyaZpS%2BjmovGyWOT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c10167dd9f8b74c-AMS
expires
Wed, 03 May 2023 11:57:38 GMT
/
partner.o2online.de/a/ Frame 83DB
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPuM-arK1v4CFQ2Fgwcd1SEHNQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050213573984524412363X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite...
49 B
1 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050213573984524412363X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023050213573984524412363X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 11:57:39 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023050213573984524412363X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023050213573984524412363X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Tue, 02 May 2023 11:57:39 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 83DB
5 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1697786
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BzNrpdtlBCtFnuTovP0IfMM6m0FJh8RVb8BtivlmF1uRomRcAhNA2giyE3WX6ZsBwfbaJUjzY2BNcrU1Dcgy5u4rofZA0VeW38IF5OKN9V3dpUGMCTI30Pgj1SYnppwg%2BoeIWdo7iZ19MK%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c10167dd9feb74c-AMS
expires
Wed, 03 May 2023 11:57:38 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 83DB
54 KB
55 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301138
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD0ZW0dpU4FgrW0MBCm5xi%2F3OWRuADbOHOJCEjqObHZQbR%2BI1dy7xVv2gGwiY1SaVWbHKSEPFq4VB6AxcXhWzOa9xPzqjkf7JQ%2FjgS1brOwl%2ByD8I2tchTPYyPtMhbUR6PNkB3nfLWsY3wP9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c10167dd9fdb74c-AMS
expires
Wed, 03 May 2023 11:57:38 GMT
13911327140193796911_3987520054666488292.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
9 KB
9 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/13911327140193796911_3987520054666488292.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc43dede6f0925b41f9d936148653ecba57505049abca867ba3d6a58f09cab05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:54:23 GMT
x-content-type-options
nosniff
age
219795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9560
x-xss-protection
0
last-modified
Wed, 23 Sep 2020 16:04:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 22:54:23 GMT
16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
5 KB
5 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:32:50 GMT
x-content-type-options
nosniff
age
239088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5025
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:02:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 17:32:50 GMT
11610533020931758660_15253680244015698082.png
static.doubleclick.net/dynamic/5/83933682/ Frame 16FE
18 KB
18 KB
Image
General
Full URL
https://static.doubleclick.net/dynamic/5/83933682/11610533020931758660_15253680244015698082.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
519413f4fcbdcf6da3d3ab9b343b364732ff7f0321141d659f259c8f09f29efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 22:44:57 GMT
x-content-type-options
nosniff
age
220361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17942
x-xss-protection
0
last-modified
Sat, 30 Mar 2019 17:20:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 22:44:57 GMT
link.html
track.webgains.com/ Frame 83DB
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7gnar84q1r015mvnj06js60265pgc37vy2vz95t1mfq09d8dx6ggec1a3fzqzxceewaqvpths0d6wrpraayphyptfznaptrx6mvqkdzyf8e4zrnshrybxbj5yn2z3n3j2bcy3hzwgp7e0wcwthgd5ac8wvsywqwsn4hqb2je22vvhbpnkqt6gxmhe0naa0g4g7akeenqek12me629ty04szzvntwrzgvt258cnhbwn4pqt2dvpacgwqhrek2kwmf0ky%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.171.28.83 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-171-28-83.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
43c83a2e11124b51638d774ebcdefd9a0d352f8a4fe33f4ea75332b8336449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:39 GMT
last-modified
Tue, 02 May 2023 11:57:39 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 02 May 2023 11:58:39 GMT
pvClk.min.js
analytics.webgains.io/ Frame 83DB
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7gnar84q1r015mvnj06js60265pgc37vy2vz95t1mfq09d8dx6ggec1a3fzqzxceewaqvpths0d6wrpraayphyptfznaptrx6mvqkdzyf8e4zrnshrybxbj5yn2z3n3j2bcy3hzwgp7e0wcwthgd5ac8wvsywqwsn4hqb2je22vvhbpnkqt6gxmhe0naa0g4g7akeenqek12me629ty04szzvntwrzgvt258cnhbwn4pqt2dvpacgwqhrek2kwmf0ky%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%252526client%25253Dca-pub-8170966538152543%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-48.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 05:34:41 GMT
content-encoding
gzip
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
22979
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
21d5jiSAiwODYP48O_qhzKOLIvJ_gYjOPcHMHiQrgSRslDa7gI7dog==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 83DB
15 KB
15 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1683028959&Signature=Ov8PvSumdQ-YsdOyZKYuWgnQPgjl62AWLEBUueV-sX6eEnDmMal9ydpg-2uAgv1yM80-jKIggqMzAg32-lkZtsse1OpXI1YctBvz-O5udIPFhjtw0~~ahGlbnrea41MrTimVwWjzS5fridomW6ddL9rYSv1KpG0BtHQHzW4-WwW1UQRT4BBoHGZbz8EubROSYD2uVGv5tCS0Hi5ifWtkki-xyiPhrtNerpMZZBnwn7DpzN~oiVwCoBHOUAlFf2FyAGSTzVD~Ml7HrRCii4jfsJQRUb5hIVEOIs3AvmFn31-NnaQx8PGNRBEaQ3WGQ9b1S1gr1c-5PgmcJ7oOSYiS4A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-54.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 02 May 2023 06:04:51 GMT
via
1.1 c6112c76017165ab7d9ba7566718afea.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
age
21169
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
wyUW5EwPTngYtkWaMb5BQfrnz0iflj6-PJOFfcYwd_Tfw5l4a6eiSw==
container.html
f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E10D
6 KB
3 KB
Document
General
Full URL
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:37 GMT
expires
Wed, 01 May 2024 11:57:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E10D
5 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 11:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 11:06:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 11:57:39 GMT
css
fonts.googleapis.com/ Frame 6D64
9 KB
921 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 May 2023 11:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 May 2023 10:35:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 May 2023 11:57:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6D64
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
57137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:05:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 6D64
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
57137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:05:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6D64
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
57882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6D64
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
57137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:05:22 GMT
l
www.google.com/ads/measurement/ Frame 6D64
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSetxP4ccc0RWRyIkSEyUbntygititeTJty6FTBLGY7k4OAXd9mTqI6sJLKUhwmJi22QgpmI0eSh-DhdKG6PFcZN253SQ
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D64
160 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50021
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682940967289926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 May 2023 11:57:39 GMT
dc885651c24f3a38cf2b2dda4c5c7197.js
www.gstatic.com/mysidia/ Frame 6D64
32 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 00:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13586
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 20:09:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 00:42:45 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame E10D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 20:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
56795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8031
x-xss-protection
0
server
cafe
etag
4566461469134147509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 May 2023 20:11:04 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E10D
205 B
518 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:22:16 GMT
x-content-type-options
nosniff
age
2123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 01 May 2024 11:22:16 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E10D
604 B
694 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:10:10 GMT
x-content-type-options
nosniff
age
2849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 01 May 2024 11:10:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B282
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:09:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A3E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 19:00:25 GMT
etag
48472445140208031
expires
Tue, 02 May 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1A3E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENoqu_wKJmGy7u28GyKHPG4&google_cver=1&google_push=ATf1kGOCRH0IVNlaHUgKi6HB2oVw2XowTcS5gPRDk4VPoLR6wzsJ6TwT-hHuUWqUBh_Lij85DH_Ax-7hwYQTSppgkUTQdH8ldvI
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM0NDczOTk0NTQwOTg4NzUxNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENoqu_wKJmGy7u28GyKHPG4&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENoqu_wKJmGy7u28GyKHPG4&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENoqu_wKJmGy7u28GyKHPG4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mm5VbnFuWkgxUFRPRHc1&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cver=1&google_push=ATf1kGOnq2T12FnT2qMyN_NG4hvtis6beB29zmvIUz4WZ8Q...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mm5VbnFuWkgxUFRPRHc1&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cver=1&google_push=ATf1kGOnq2T12FnT2qMyN_NG4hvtis6beB29zmvIUz4WZ8Qxtd1iZivdAPiDrdoJmJlv5Z8NE-i1cxXIrRPn7D34tfrqbtLIT9XR
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05bcdf9d4cddcb229@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mm5VbnFuWkgxUFRPRHc1&google_gid=CAESEEkJP0Hx8_qHluTfQPK7eOw&google_cver=1&google_push=ATf1kGOnq2T12FnT2qMyN_NG4hvtis6beB29zmvIUz4WZ8Qxtd1iZivdAPiDrdoJmJlv5Z8NE-i1cxXIrRPn7D34tfrqbtLIT9XR
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 1A3E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGPSj28zv7lcAOPSCv6d0J4&google_cver=1&google_push=ATf1kGNfcn7R3zSD1njvav3W15w1d70QQd6JsjykqmAUhbRqC-ninwjoK89YnYHtO7s5u73CWHsh3dT5rLL2aw6384QR2mbltD4&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPSj28zv7lcAOPSCv6d0J4&google_cver=1&google_push=ATf1kGNfcn7R3zSD1njvav3W15w1d70QQd6JsjykqmAUhbRqC-ninwjoK89YnYHtO7s5u73CWHsh3dT5rLL2aw6384QR2mbltD4...
43 B
416 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPSj28zv7lcAOPSCv6d0J4&google_cver=1&google_push=ATf1kGNfcn7R3zSD1njvav3W15w1d70QQd6JsjykqmAUhbRqC-ninwjoK89YnYHtO7s5u73CWHsh3dT5rLL2aw6384QR2mbltD4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNfcn7R3zSD1njvav3W15w1d70QQd6JsjykqmAUhbRqC-ninwjoK89YnYHtO7s5u73CWHsh3dT5rLL2aw6384QR2mbltD4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c1016821f0f0b54-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
117
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGPSj28zv7lcAOPSCv6d0J4&google_cver=1&google_push=ATf1kGNfcn7R3zSD1njvav3W15w1d70QQd6JsjykqmAUhbRqC-ninwjoK89YnYHtO7s5u73CWHsh3dT5rLL2aw6384QR2mbltD4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNfcn7R3zSD1njvav3W15w1d70QQd6JsjykqmAUhbRqC-ninwjoK89YnYHtO7s5u73CWHsh3dT5rLL2aw6384QR2mbltD4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c101680dccd0b54-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBd3eQv7CEJsGkcvS_k6u0Y&google_cver=1&google_push=ATf1kGNL-qDXjPAujOURgzufaffPO6sJXcqaMVhg1QQjd7ZK1EEKLrTruvJHojy-qUoQCNnis6vsnTo1ENeJM4FZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0GPMP20DQr-xv2wN158r8A2&google_push=ATf1kGNL-qDXjPAujOURgzufaffPO6sJXcqaMVhg1QQjd7ZK1EEKLrTruvJHojy-qUoQCNnis6vsnTo1ENeJM4FZbewuI7-oQLRw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0GPMP20DQr-xv2wN158r8A2&google_push=ATf1kGNL-qDXjPAujOURgzufaffPO6sJXcqaMVhg1QQjd7ZK1EEKLrTruvJHojy-qUoQCNnis6vsnTo1ENeJM4FZbewuI7-oQLRw
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 May 2023 11:57:39 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0GPMP20DQr-xv2wN158r8A2&google_push=ATf1kGNL-qDXjPAujOURgzufaffPO6sJXcqaMVhg1QQjd7ZK1EEKLrTruvJHojy-qUoQCNnis6vsnTo1ENeJM4FZbewuI7-oQLRw
x-host
tde-deliveryengine-production-69d487867f-w6bz9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIvp6-tQxNPQBp_JDnq7o8U&google_cver=1&google_push=ATf1kGNU-u3DfEOPTDbM3Y-l_WBwd1eE4NvxyOgs4b9qBOrs6PQDlnCM0MHb3UWz4d90XecCPcg8zE-6...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIvp6-tQxNPQBp_JDnq7o8U&google_cver=1&google_push=ATf1kGNU-u3DfEOPTDbM3Y-l_WBwd1eE4NvxyOgs4b9qBOrs6PQDlnCM0MHb3UWz4d90XecCPcg...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2ODU2NTI2MzAwMTcwNDY1MA&google_push=ATf1kGNU-u3DfEOPTDbM3Y-l_WBwd1eE4NvxyOgs4b9qBOrs6PQDlnCM0MHb3UWz4d90XecCPcg8zE...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2ODU2NTI2MzAwMTcwNDY1MA&google_push=ATf1kGNU-u3DfEOPTDbM3Y-l_WBwd1eE4NvxyOgs4b9qBOrs6PQDlnCM0MHb3UWz4d90XecCPcg8zE-61aZJK6LtCA4d_XB9FpK2
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc2ODU2NTI2MzAwMTcwNDY1MA&google_push=ATf1kGNU-u3DfEOPTDbM3Y-l_WBwd1eE4NvxyOgs4b9qBOrs6PQDlnCM0MHb3UWz4d90XecCPcg8zE-61aZJK6LtCA4d_XB9FpK2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELKWv4EzA2rIpMejFGwhYnA&google_cver=1&google_push=ATf1kGNFoIKe58OhvNwiovvjpQAquZ9XpAvGpthYQe0CdLq3VZ3BO4WKHNObXsqaxmx30qaiOyWbNygzSVU71FJ2_xjNzn...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELKWv4EzA2rIpMejFGwhYnA&google_cver=1&google_push=ATf1kGNFoIKe58OhvNwiovvjpQAquZ9XpAvGpthYQe0CdLq3VZ3BO4WKHNObXsqaxmx30qaiOyWbNygzSVU71FJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RAhRx_FeT_yz8wkE_R-2uw&google_push=ATf1kGNFoIKe58OhvNwiovvjpQAquZ9XpAvGpthYQe0CdLq3VZ3BO4WKHNObXsqaxmx30qaiOyWbNygzSVU71FJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RAhRx_FeT_yz8wkE_R-2uw&google_push=ATf1kGNFoIKe58OhvNwiovvjpQAquZ9XpAvGpthYQe0CdLq3VZ3BO4WKHNObXsqaxmx30qaiOyWbNygzSVU71FJ2_xjNznL6b2zk
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RAhRx_FeT_yz8wkE_R-2uw&google_push=ATf1kGNFoIKe58OhvNwiovvjpQAquZ9XpAvGpthYQe0CdLq3VZ3BO4WKHNObXsqaxmx30qaiOyWbNygzSVU71FJ2_xjNznL6b2zk
access-control-allow-origin
*
date
Tue, 02 May 2023 11:57:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKbfUFzoS...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKb...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e21cff13-62fc-4ca2-972c-98ae241710c0&%%GOOGLE_PUSH_PAIR%%
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e21cff13-62fc-4ca2-972c-98ae241710c0&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e21cff13-62fc-4ca2-972c-98ae241710c0&%%GOOGLE_PUSH_PAIR%%
date
Tue, 02 May 2023 11:57:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1A3E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JL6aQo3CUdgJAJga46sLU7b-o-DbrIJj0QCUK_ahhBK3msECuBcSj4O9BD9_qfYbllOvQmKw
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame B282
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com
URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:39 GMT
expires
Tue, 02 May 2023 11:57:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 11:57:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 8092
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/site/dwnld80148.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 02:43:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
119640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Apr 2024 02:43:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 57E5
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDvitVXJdF96YVVDgqSOwLLXCX-fnXPZb2P3vCQXwJKYBBC_BvPYIK4UyuyMZH2sHKJUNae-qk3nhN3-2rOTvoR-_b&sig=Cg0ArKJSzIvXJdhSGjqUEAE&id=lidar2&mcvt=1000&p=110,315,360,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=688589747&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683028658324&rpt=176&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3817
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso09ycd8JEwhmFSpBffET7c4VQVZamqZBKspF1wBvvVUJidrvZArdtk4WXikb13racA50hDZKTEmrlyID6zCTSq26US9n4yRMDEqgaIlzmUosgyl9EesqbshE-ZiptU7zP1Z6TPQ&sai=AMfl-YQrDx9tw1b1x5vFZw-JwJOIHqL9tOO_4eXF9rtZPqzNRNMsl_3otkdjfLcR-9bU0Tfk4qp9-ZmxmGhdfjiyKQWSrpiHjcdOrjSDTWTT82AKpSrG9aPJJ49Vrjo&sig=Cg0ArKJSzDkItagy7t-rEAE&cid=CAQSOwBygQiDW3Fx9w0iqRgwFF_U0jwkqkKMGPZwBznJPD1nsUHScG16etlkVd9-p1CXGknROzSf0smDsgTCGAE&id=lidar2&mcvt=1000&p=1100,640,1200,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2893152812&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683028658550&rpt=156&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.baixaki.com.br%2F&domain=m.baixaki.com.br&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://m.baixaki.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 May 2023 11:57:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
336301
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
375 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.baixaki.com.br%2F&domain=m.baixaki.com.br&cw=1&lsw=1
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://m.baixaki.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
298798
expires
0
/
csync.smilewanted.com/ Frame CA59
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c10168419a3363b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:39 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F7D4
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1683028656529
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 0A5B
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 May 2023 11:57:39 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 38F0
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://m.baixaki.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20189
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 02 May 2023 11:57:39 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1531, 101446
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230086-FRA
X-Timer
S1683028660.895215,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 0A5B
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e2d482993dd399983889ab51ce7738600995549dd5bdad5694d9f289feee4d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 02 May 2023 11:57:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 May 2023 05:20:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62514
Connection
keep-alive
Content-Length
10017
Expires
Wed, 03 May 2023 05:19:33 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame CA59
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
336825
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7c101684ea7f363b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bounce
ib.adnxs.com/ Frame 38F0
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
935 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:40 GMT
AN-X-Request-Uuid
ab76fb14-ae1e-4c6d-8516-1c9bb11bd0d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:40 GMT
AN-X-Request-Uuid
a5ba8efd-1061-4cac-8c42-cdc6328c4eb7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tracking-event
api.webgains.io/ Frame 83DB
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 02 May 2023 11:57:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 02 May 2023 11:57:40 GMT
server
nginx
drop_cookie_sw.php
csync.smilewanted.com/ Frame DA59
0
341 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c1016852ac9363b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:40 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame A509
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 02 May 2023 11:57:40 GMT
X-Sovrn-Pod
ad_ap2sfo1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7E57
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B
Document
General
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Tue, 02 May 2023 11:57:39 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:39 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
rubicon
match.adsrvr.org/track/cmf/ Frame 0A5B
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 May 2023 11:57:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 0A5B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH67T2N0-24-1LY
0
648 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH67T2N0-24-1LY
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 02 May 2023 11:57:39 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5EE508790FE24B95A1383A8B7A951909 Ref B: VIEEDGE2522 Ref C: 2023-05-02T11:57:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6tKVxFN3yCZcSFl7cRw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH67T2N0-24-1LY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0A5B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Xw4qVJDdQRy01RhsWGOM5g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Xw4qVJDdQRy01RhsWGOM5g
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Xw4qVJDdQRy01RhsWGOM5g
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D98GQD0ZN7VFHD76WDVJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Xw4qVJDdQRy01RhsWGOM5g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0A5B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/52nR57wYOBGpbif-x0lW2A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KV_P6w1E2oKSGPo1AIWEeJvYRUclNl_jfH1W8A--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KV_P6w1E2oKSGPo1AIWEeJvYRUclNl_jfH1W8A--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 02 May 2023 11:57:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KV_P6w1E2oKSGPo1AIWEeJvYRUclNl_jfH1W8A--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 0A5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHHtkGeatiRwDsRhL1urpGA&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHHtkGeatiRwDsRhL1urpGA&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHHtkGeatiRwDsRhL1urpGA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWZjMTdkNjM2Zjc5NmExMWE4Mjc4OWE0Y2ZjMjg1YTFiMjBjMDdjMQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWZjMTdkNjM2Zjc5NmExMWE4Mjc4OWE0Y2ZjMjg1YTFiMjBjMDdjMQ
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWZjMTdkNjM2Zjc5NmExMWE4Mjc4OWE0Y2ZjMjg1YTFiMjBjMDdjMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0A5B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EZ_kNWLnSya68fzGeFhGfQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EZ_kNWLnSya68fzGeFhGfQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EZ_kNWLnSya68fzGeFhGfQ
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
79YGYW0V9FXHS4ZZ1VVB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=EZ_kNWLnSya68fzGeFhGfQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0A5B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg2N1QyTjAtMjQtMUxZ
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA6-A9c1w_64TcFbxT97jJM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg2N1QyTjAtMjQtMUxZ&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg2N1QyTjAtMjQtMUxZ&google_push=
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg2N1QyTjAtMjQtMUxZ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 089B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1683028660167
  • https://ad.turn.com/r/cs?pid=45&rndcb=1664053675
  • https://sync.1rx.io/usersync/turn/3344739945409887515?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-7cbbb982-f572-4a11-93d3-0e3...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003
0
401 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c101686bcb6363b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Tue, 02 May 2023 11:57:40 GMT
etag
RX7cbbb982f5724a1193d30e30618d0056003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
d635246b-13ed-537a-9106-d8bff556220b
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 3356
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/d635246b-13ed-537a-9106-d8bff556220b
0
746 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/d635246b-13ed-537a-9106-d8bff556220b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c1016889ef1363b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/d635246b-13ed-537a-9106-d8bff556220b
smwt256.gif
us.ck-ie.com/ Frame 8CF9
0
0
Document
General
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 02 May 2023 11:57:40 GMT
Server
nginx
d53bbcea24218631748f73c483b6bc
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 6B6E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/d53bbcea24218631748f73c483b6bc?gdpr_consent=&gdpr=0
0
498 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/d53bbcea24218631748f73c483b6bc?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c1016885ec2363b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 02 May 2023 11:57:40 GMT
Expires
Tue, 02 May 2023 11:57:40 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/d53bbcea24218631748f73c483b6bc?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1683028660444089-510
v1
match.sharethrough.com/universal/ Frame B68C
0
0
Document
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.11.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-11-200.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 02 May 2023 11:57:40 GMT
api.gif
tags.denakop.com/
0
226 B
Image
General
Full URL
https://tags.denakop.com/api.gif?a=10571&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&t=1683028660328&cb=0.9122860589757311&aa=horizontal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:40 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
7c1016871baf1caa-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
smw888.gif
us.ck-ie.com/ Frame F63E
0
0
Document
General
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 02 May 2023 11:57:40 GMT
Server
nginx
l78OpYpgioL4z3Oqx7wF
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame E89F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l78OpYpgioL4z3Oqx7wF?pi=smilewanted&tc=1
0
448 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l78OpYpgioL4z3Oqx7wF?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c1016882e87363b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 02 May 2023 11:57:40 GMT Tue, 02 May 2023 11:57:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l78OpYpgioL4z3Oqx7wF?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame E8A9
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23dc30795ceb9e9b7e6ccf6e01955994
43 B
1 KB
Document
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23dc30795ceb9e9b7e6ccf6e01955994
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
330f1d9e-aa34-4949-b2d1-2536e2078969
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 02 May 2023 11:57:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7c101687fe4a363b-FRA
content-type
text/html; charset=UTF-8
date
Tue, 02 May 2023 11:57:40 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23dc30795ceb9e9b7e6ccf6e01955994
server
cloudflare
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je34q0&_p=1877633331&cid=1368608102.1683028656&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683028655&sct=1&seg=0&dl=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&dt=Baixar%20Pool%20Break%20Lite%20Gr%C3%A1tis%20%7C%20Baixaki&en=scroll&epn.percent_scrolled=90&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.baixaki.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 May 2023 11:57:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.baixaki.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 38F0
0
863 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 May 2023 11:57:40 GMT
AN-X-Request-Uuid
98ddb35a-67c1-42cc-976a-ea2721146953
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.136; 178.162.209.136; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| _gaq object| dataLayer string| __prebid_map_category number| _app_id object| category object| _gat object| gaGlobal object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| _comscore boolean| adoptHideAfterConsent object| COMSCORE object| ns_p object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| FACEBOOK_ID string| _lorem string| _ipsum string| _dolor string| _sit string| _amet string| _sistemaHome string| _sistemaTopSemanal string| _url_app_item string| _url_collection_item string| _url_search string| Share_Twitter string| _shortUrl string| _sistemaCategoria string| _nomeCategoria string| _idCategoria string| _codColecao string| _TESTETESTE function| $ function| jQuery object| ko object| NZN object| ViewModel object| vm object| denakop object| apstag object| googletag object| dkpbjs object| dkpbjsChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing boolean| apstagLOADED object| apscustom object| _aps object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| adoptApp string| disclaimerStatus function| sendAdoptCommand string| target object| nvg13767 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg string| nzn_x object| pers object| naveggReady object| acceptedTags object| TTTagManager function| TTTagManagerError object| _ttq string| n string| nq object| cmds object| _ttconversion object| ttcNamespace function| gtag object| GoogleGcLKhOms string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace 
function| TTBase function| ttBaseE object| _ttqHolder object| GooglebQhCsO object| google_reactive_ads_global_state object| google_image_requests

96 Cookies

Domain/Path Name / Value
.m.baixaki.com.br/ Name: __utma
Value: 65309810.1368608102.1683028656.1683028656.1683028656.1
.m.baixaki.com.br/ Name: __utmc
Value: 65309810
.m.baixaki.com.br/ Name: __utmz
Value: 65309810.1683028656.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.m.baixaki.com.br/ Name: __utmt
Value: 1
.m.baixaki.com.br/ Name: __utmt_geral
Value: 1
.m.baixaki.com.br/ Name: pageViewCount
Value: 1
.baixaki.com.br/ Name: _gid
Value: GA1.3.1564098374.1683028656
.baixaki.com.br/ Name: _gat_UA-144680-1
Value: 1
.baixaki.com.br/ Name: _ga_KDJP529EVF
Value: GS1.1.1683028655.1.0.1683028655.0.0.0
.m.baixaki.com.br/ Name: __utmb
Value: 65309810.4.9.1683028656
.baixaki.com.br/ Name: _hjSessionUser_592798
Value: eyJpZCI6ImU3Zjc3ZjVmLTBiZjktNWY2NC1iM2Q4LTgzNTkyZDFiZTYxYiIsImNyZWF0ZWQiOjE2ODMwMjg2NTU5ODMsImV4aXN0aW5nIjpmYWxzZX0=
.baixaki.com.br/ Name: _hjFirstSeen
Value: 1
.baixaki.com.br/ Name: _hjIncludedInSessionSample_592798
Value: 0
.baixaki.com.br/ Name: _hjSession_592798
Value: eyJpZCI6IjcyNDliNzJkLTViM2QtNDYwZi04OTEwLWMzMDI1OGZkY2Q0MiIsImNyZWF0ZWQiOjE2ODMwMjg2NTU5OTMsImluU2FtcGxlIjpmYWxzZX0=
.baixaki.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 0
m.baixaki.com.br/ Name: denakop_freq
Value: {}
m.baixaki.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.denakop.com/ Name: uxid
Value: qIpyPx2jQgi%2BbQ7a2j9DSQ%2F0
.rubiconproject.com/ Name: khaos
Value: LH67T2N0-24-1LY
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoDAOwRbP2i8S+IXqvPVzt4X6LBWwGzep0kIUeXzf4l4YeGb/anOnxGwoKrdpLdarv0cqhPVA/wRn8gsBGYXdKFkbWKGMgPPHuyqVI1k5poNA==
.baixaki.com.br/ Name: __gads
Value: ID=69eb4c63df95d1ac:T=1683028656:S=ALNI_Mb93-D-Ka-oMuIGeFccWlzc53gzTA
.baixaki.com.br/ Name: __gpi
Value: UID=00000bf3daf5cdfd:T=1683028656:RT=1683028656:S=ALNI_MaW8V-Yla9FoUv8X4lpAAdVmydBBQ
.navdmp.com/ Name: nid
Value: 12a3d088dc06f0a8fe6bf2adcd10|0|152
.baixaki.com.br/ Name: nav13767
Value: 12a3d088dc81ea731f757ced5b10|2_123
.baixaki.com.br/ Name: _ga
Value: GA1.3.1368608102.1683028656
.goadopt.io/ Name: VisitorId
Value: fc570b23-ce7f-45d4-a399-43f19657be42
.baixaki.com.br/ Name: AdoptVisitorId
Value: GYYwrA7ADARgTAZgLQgKYWEgLGAJlpAQwQE4TsFgBGEgNkhlSziA
.baixaki.com.br/ Name: AdoptConsent
Value:
m.baixaki.com.br/ Name: tt_c_vmt
Value: 1683028658
m.baixaki.com.br/ Name: tt_c_c
Value: direct
m.baixaki.com.br/ Name: tt_c_s
Value: direct
m.baixaki.com.br/ Name: tt_c_m
Value: direct
m.baixaki.com.br/ Name: _ttuu.s
Value: 1683028657659
.baixaki.com.br/ Name: _gcl_au
Value: 1.1.1145051249.1683028658
.doubleclick.net/ Name: IDE
Value: AHWqTUmL1RF-0v88vhp05VoI0nHFiqP4HAPuMetsu07TmMsPIKXxu3kN13am-_uB
.t.tailtarget.com/ Name: _ssc
Value: y
m.baixaki.com.br/ Name: tt.u
Value: 0100007FB1FA50641D07263802607525
.tt-9964-3.seg.t.tailtarget.com/ Name: trk
Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGl6Vsafu3LOMPGIS+PEZNNL
.t.tailtarget.com/ Name: u
Value: fwAAAWRQ+rEX3QaJA2TLAgB=
.t.tailtarget.com/ Name: ttbprf
Value: _weimar_thuringia_de_1683028657955_2997014920
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
m.baixaki.com.br/ Name: tt.nprf
Value:
.tt-9964-3.seg.t.tailtarget.com/ Name: ttca
Value: CA28766,CA15795,CA15771_1683028658
.t.tailtarget.com/ Name: n
Value: 1683028658
.t.tailtarget.com/ Name: tp1
Value: CAESEMb55QORF66XAw62di0gB_8
.t.tailtarget.com/ Name: dc
Value: 1
.w55c.net/ Name: wfivefivec
Value: 2nUnqnZH1PTODw5
.ctnsnet.com/ Name: gid_CAESENP1wU749KRPfyT4HO7IyMI
Value: 1
.ctnsnet.com/ Name: cid_c191f9e2ce2e4b7993a2be0d337dbef0
Value: 1
.ads.avads.net/ Name: av-mid
Value: 4d874907-dec5-4d33-8970-a74047024dc4
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2bez
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yahoo.com/ Name: A3
Value: d=AQABBLL6UGQCEH3Nx_zANknLcTiJ5a5rHf0FEgEBAQFMUmRaZAAAAAAA_eMAAA&S=AQAAAkeS50S0hvqfHr0_XnsYDTU
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.awin1.com/ Name: awpv20044
Value: 412871|1683028658|891a1660-e8e0-11ed-bcf6-22336c0ce064
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MzAyODY1OXZsZWExZGUyMDIzMDUwMjEzNTczOTg0NTI0NDEyMzYzWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQ5a01hTWZtZnhFMWhLSEJIMnQ3dHJyOVU5U21UenptU3JiQlhvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023050213573984524412363X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4MzAyODY1OXZsZWExZGUyMDIzMDUwMjEzNTczOTg0NTI0NDEyMzYzWDExNzY3OVYxMjI2MTMyNzAyT
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D063CC3F-6D03-42BF-B1BF-6C0DD79F2BF0%22%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1768565263001704650
.turn.com/ Name: uid
Value: 3344739945409887515
.360yield.com/ Name: tuuid
Value: 440851c7-f15e-4ffc-b3f3-0904fd1fb6bb
.360yield.com/ Name: tuuid_lu
Value: 1683028659
.bidswitch.net/ Name: tuuid
Value: e21cff13-62fc-4ca2-972c-98ae241710c0
.bidswitch.net/ Name: c
Value: 1683028659
.bidswitch.net/ Name: tuuid_lu
Value: 1683028659
.tribalfusion.com/ Name: ANON_ID
Value: asnseFxZduB6RApTrruFfLNN7M0FpSwa5WXkSWUjHOthLbR5Y0F4qiZcqXrvkLvnspBZcYHJR2tBY5C7GXLfLd8
.adnxs.com/ Name: uuid2
Value: 6833508987348016744
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7cbbb982-f572-4a11-93d3-0e30618d0056-003%22%7D
.linkedin.com/ Name: bcookie
Value: "v=2&90a464f1-4a51-43e8-8d45-354c9c2a658f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODMwMjg2NjA7MjswMjFmg9iF1B2V2GF6MHfJioMT0/XuqeU5B8CcuAFVST+BUg==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2564:u=1:x=1:i=1683028660:t=1683115060:v=2:sig=AQEQlTro0elZJcqeKjzdo1MYF7l-qrlS"
match.sharethrough.com/ Name: AWSALBCORS
Value: xes3WWzaM631lJ+BY/N8mBAZiuEc5vgnB43jLrBFxAN+2n2r0sA/jpbkZZsLWN0Ohwa0fWMl8y0UUptsbuFp2JX/aHm1XdpC/jPznL3QTDVyfk1jpGZ+ngs9diUc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: d635246b-13ed-537a-9106-d8bff556220b
.betweendigital.com/ Name: ss
Value: 1
.creativecdn.com/ Name: u
Value: l78OpYpgioL4z3Oqx7wF
.creativecdn.com/ Name: ts
Value: 1683028660
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2In3@Zt[:!@wnf-Te9(SNP7Qd)KmvZ0rn*T(.wFHNBU3VYmm%V>Qs*UGSM[UB3kDFpmFxFi3jGqjy=O(j'5?)fy+'imcJ8
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIyM2RjMzA3OTVjZWI5ZTliN2U2Y2NmNmUwMTk1NTk5NCIsImV4cGlyZXMiOiIyMDIzLTA3LTMxVDExOjU3OjQwWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA1LTAyVDExOjU3OjQwWiJ9
.ads.stickyadstv.com/ Name: UID
Value: d53bbcea24218631748f73c483b6bc
.betweendigital.com/ Name: ut
Value: ZFD6tAAH53AQ8PTgy0OpehZ2LqmWdOqcWh5XJA==
.smilewanted.com/ Name: sw_user_params_infos
Value: rAC3j1zzq2MfynXsyCx4%2Fy5aM0XEzJDulI7x%2Bqb114he%2F79TAVAVYTSzfikdvnToWJIxgFvsCv0LJEViaxFXXDi0xEv8AlEXKD9UbNxAXo09sH9IXIjDoe5u%2B0t7X5obZwhW3wngHKWPXwc3y%2Bty%2FvLi%2F%2FwLU87TC9NFkIalhulDCV5RVVjR%2FYFHwNpBn3zIS0AsLbY8DhBo4%2Bio38HzMpIPHGQKmHQ9EKtPo6yIlmeNtJN0xuxPCxXA6nMJOk6GW5iwvCxV1AJVShbabmZEAdRayImoPRnhR7WOJoA0QLm8NAsMcxjnGXTjMSg%2Bt%2BlqAzcHpQJZiMPruNIviirkMYFLWZaebwEcgVVpxc9Muw5rUh82VMp6%2FcKWP1jhcMz3%2BpoGu5vEtnA177AhBGqNpQ%3D%3D
.amazon-adsystem.com/ Name: ad-id
Value: A0DC6eW3cE2tgSVHlQkf4P8

13 Console Messages

Source Level URL
Text
javascript warning URL: https://m.baixaki.com.br/site/dwnld80148.htm
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_cpl5wfr5cso2mmrpmnko7pmj54&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&cid=everything&random=1683028655629, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://m.baixaki.com.br/site/dwnld80148.htm
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_cpl5wfr5cso2mmrpmnko7pmj54&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&cid=everything&random=1683028655629, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://survey.g.doubleclick.net/survey?site=_cpl5wfr5cso2mmrpmnko7pmj54&url=https%3A%2F%2Fm.baixaki.com.br%2Fsite%2Fdwnld80148.htm&cid=everything&random=1683028655629
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://img.ibxk.com.br/2014/3/programas/80148108-t100x100.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1kkvp4fyb5d16d6wt55aaj9ayf9n7cyetay8ay1qqsv6snp0t4a14a8ncdbaee8q3eb9p8a0y0rayjcjfm48f2wqevv8ebmjv39ycj7yenc4rryj6fedbxbwjc39xd26n7vggp3mfjxrcad6nxnj2tx0y6rsayynrw9saarwkvjqtzb61gxgvaxq3gnmqjdf28zpa9m90gwad00b72zfsqry7e8g61f28hryrap0efw3012skgcw5vpfvrxbnfv01c3w3cashww3py2cn2an7rfegx3961b36h6dd8cfwt4qgq0345ymevd7r7wd37zytgfj304s664475nce9ncfmn301mcn8xytd38nev4j0zhjygc9kypa2xn1qwzqvtrhsz7fdyxgt28jrjyavp0vpaa95jfzs2mvm09qhkkhvx6wzybj90ke2e1dsekv0h4r35pvcj7p8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%26client%3Dca-pub-8170966538152543%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://f5a78b3624aa936ef6cedb3537f13513.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/12528182951009058816/index.html".
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=970&d=250&e=&g=7b1ff9ee3d66702ab0c98162a37df33f%2F13354931667542141101&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1683028658753&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdzh2mjhxjxm290cyr3ht2xtkjn2t1byxr20x0aphtzmaemcscx2k6r15f0dwec2azfmj0pamxvxgkndckvkyqwjsjyzf8nw0rsh8ha3kwf02apa9x5g47xyn9py0fc1q4p77yhzfyf6jd175nm2cpq9f07kkrchraxtfr774qng348n23krttthftnxgdxtvf251yazh3vp7mqswveenzyr1dvwsdpwvqy1te51ypq3hvdcw7aqtzw1ktdyfvk31c655q23ecxa6htmegmamc0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGWb_svpQZJi4CoCS7_UPuZOEwAWQ4YGEXLaoworwAsCNtwEQASAAYJWSm4KsB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzyAEJqQK4Sb-1M2eyPuACAKgDAaoEhgJP0EKZUHBcv0aE9acOhyfFGxagwOuvpTZFiVJPS1eFED_JahpR73uBvJ4_rfvBPoqVw-ZRUWahEfnmMW_YZE0jivfmszVltw4sFzg9VKOlyKwqhFNpJN9ZJB0nUDVepfgIGTm3uZClDYjw17bvaiAOQa7_oY97eW1EHcexBwbvlAMLgypKd7JABA936QnhbtxsgurKwNrFf8qwzf8q1UPR_WuQHWhS4kV44Q_RCMF5WIfebKWqOfpznovshkUAX1WVfEUjLPIGLpVtpDfvpbE4jvjPP_CM4TCDToCxHZmgtkjN1zqHVuumBqb8y2e9uZaCX4gN3YUfxYQqWC8jQ_ZiwTR5OUrJ4AQBgAaPsqmem__e7rgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3RJl8Qc3TEjq4mdpXpJ3B_XrXOeQ%2526client%253Dca-pub-8170966538152543%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
