urlscan.io logo urlscan.io
SecurityTrails logo

gauchazh.clicrbs.com.br Open in urlscan Pro
195.181.174.138  Public Scan

Go To Rescan Add Verdict Report
URL: https://gauchazh.clicrbs.com.br/
Submission: On February 16 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 9 countries across 51 domains to perform 295 HTTP transactions. The main IP is 195.181.174.138, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is gauchazh.clicrbs.com.br. The Cisco Umbrella rank of the primary domain is 224959.
TLS certificate: Issued by Thawte RSA CA 2018 on July 5th 2021. Valid for: a year.
This is the only time gauchazh.clicrbs.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
53 195.181.174.138 60068 (CDN77 ^_^)
2 2600:9000:223... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 189.76.157.100 28357 (RBS ZERO ...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
1 143.204.98.76 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
31 151.101.129.44 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 89.187.169.47 60068 (CDN77 ^_^)
1 52.222.236.122 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 13.32.99.105 16509 (AMAZON-02)
1 18.66.139.40 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
11 2a00:1450:400... 15169 (GOOGLE)
2 3.209.136.130 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.164.74.135 14618 (AMAZON-AES)
1 54.86.215.174 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 142.250.184.194 15169 (GOOGLE)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.33.220.100 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
2 11 172.217.18.98 15169 (GOOGLE)
1 34.96.105.8 15169 (GOOGLE)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 13.248.245.213 16509 (AMAZON-02)
2 185.86.138.131 201081 (SMARTADSE...)
1 2 51.89.9.254 16276 (OVH)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 1 2600:9000:21a... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 62.144.160.15 12312 (ECOTEL)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 141.226.224.32 200478 (TABOOLA-AS)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 88.99.63.132 24940 (HETZNER-AS)
1 46.4.62.19 24940 (HETZNER-AS)
1 46.236.13.147 12703 (PULSANT-AS)
1 18.66.97.96 16509 (AMAZON-02)
2 34.242.207.34 16509 (AMAZON-02)
2 185.59.220.198 60068 (CDN77 ^_^)
295 66
53    195.181.174.138 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-195-181-174-138.datapacket.com
gauchazh.clicrbs.com.br
www.rbsdirect.com.br
ad.clicrbs.com.br
pagamento.clicrbs.com.br
nossa-loader.clicrbs.com.br
identificacao.clicrbs.com.br
liverdgaupoa.rbsdirect.com.br
2    2600:9000:223c:7400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
15    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
news.google.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    189.76.157.100 (Brazil)

ASN28357 (RBS ZERO HORA EDITORA JORNALISTICA, BR)
flipzh.clicrbs.com.br
1    2606:4700:20::681a:b5b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.privacytools.com.br
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
31    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
4    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
4    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
l.getsitecontrol.com
s2.getsitecontrol.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
1    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
opi.navdmp.com
5    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net
vars.hotjar.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
2    3.209.136.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-136-130.compute-1.amazonaws.com
events.getsitectrl.com
1    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-metrics-prd.cloudfunctions.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    54.164.74.135 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-74-135.compute-1.amazonaws.com
mabping.chartbeat.net
1    54.86.215.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-215-174.compute-1.amazonaws.com
ping.chartbeat.net
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
7    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
11    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    185.86.138.131 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2a05:d018:24:b002:5c97:83c8:403c:77a7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    2600:9000:21a1:7800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    62.144.160.15 (Germany)

ASN12312 (ECOTEL, DE)
ssl.hurra.com
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
16    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.blau.de
1    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    18.66.97.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-96.fra56.r.cloudfront.net
analytics.webgains.io
2    34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
api.webgains.io
2    185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-723.bunnyinfra.net
m2.getsitecontrol.com
Apex Domain
Subdomains		 Transfer
37 clicrbs.com.br
gauchazh.clicrbs.com.br — Cisco Umbrella Rank: 224959
flipzh.clicrbs.com.br
ad.clicrbs.com.br
pagamento.clicrbs.com.br
nossa-loader.clicrbs.com.br
identificacao.clicrbs.com.br
1 MB
33 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 983
trc.taboola.com — Cisco Umbrella Rank: 571
15.taboola.com — Cisco Umbrella Rank: 1878
images.taboola.com — Cisco Umbrella Rank: 1580
vidstat.taboola.com — Cisco Umbrella Rank: 1885
imprammp.taboola.com — Cisco Umbrella Rank: 12723
pips.taboola.com — Cisco Umbrella Rank: 1788
cds.taboola.com — Cisco Umbrella Rank: 1006
1 MB
26 google.com
news.google.com — Cisco Umbrella Rank: 5027
play.google.com — Cisco Umbrella Rank: 32
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
74 KB
25 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
331 KB
23 googlesyndication.com
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
105 KB
20 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
220 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
342 KB
17 rbsdirect.com.br
www.rbsdirect.com.br — Cisco Umbrella Rank: 892583
liverdgaupoa.rbsdirect.com.br
184 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 1936
ad4m.at — Cisco Umbrella Rank: 1613
assets.ad4m.at — Cisco Umbrella Rank: 33179
215 KB
6 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 19008
s2.getsitecontrol.com — Cisco Umbrella Rank: 29212
m2.getsitecontrol.com — Cisco Umbrella Rank: 95588
145 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
75 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
111 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
4 KB
5 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 21001
usr.navdmp.com — Cisco Umbrella Rank: 24275
opi.navdmp.com — Cisco Umbrella Rank: 391030
cdn.navdmp.com — Cisco Umbrella Rank: 4083
12 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
4 KB
4 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1242
mab.chartbeat.com — Cisco Umbrella Rank: 2250
25 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19741
api.webgains.io — Cisco Umbrella Rank: 54493
51 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14241
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904
53 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6342
adservice.google.de — Cisco Umbrella Rank: 9027
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 331
12 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 574
script.hotjar.com — Cisco Umbrella Rank: 726
vars.hotjar.com — Cisco Umbrella Rank: 809
66 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
197 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 56115
769 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 57667
572 B
2 hurra.com
ssl.hurra.com — Cisco Umbrella Rank: 85629
424 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4441
718 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 977
827 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
r.turn.com — Cisco Umbrella Rank: 2694
869 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
483 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193
150 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
950 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 102176
static-de.ad4mat.net — Cisco Umbrella Rank: 139961
4 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
76 KB
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
3 KB
2 chartbeat.net
mabping.chartbeat.net — Cisco Umbrella Rank: 4891
ping.chartbeat.net — Cisco Umbrella Rank: 1099
402 B
2 getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 25547
984 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
498 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
113 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41085
2 KB
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 78720
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 61847
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
5 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
577 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
442 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 387
860 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2590
173 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
538 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
15 KB
1 cloudfunctions.net
us-central1-metrics-prd.cloudfunctions.net
418 B
1 privacytools.com.br
cdn.privacytools.com.br — Cisco Umbrella Rank: 110479
106 KB
295 51
Domain Requested by
21 gauchazh.clicrbs.com.br gauchazh.clicrbs.com.br
16 pix.eu.criteo.net ads.eu.criteo.com
16 www.rbsdirect.com.br gauchazh.clicrbs.com.br
13 fonts.gstatic.com fonts.googleapis.com
news.google.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
gauchazh.clicrbs.com.br
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
12 cdn.taboola.com gauchazh.clicrbs.com.br
cdn.taboola.com
11 cm.g.doubleclick.net 2 redirects 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
11 play.google.com www.gstatic.com
9 news.google.com gauchazh.clicrbs.com.br
news.google.com
www.gstatic.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
www.googletagservices.com
7 static.criteo.net ads.eu.criteo.com
7 securepubads.g.doubleclick.net ad.clicrbs.com.br
securepubads.g.doubleclick.net
gauchazh.clicrbs.com.br
7 images.taboola.com gauchazh.clicrbs.com.br
7 ad.clicrbs.com.br gauchazh.clicrbs.com.br
identificacao.clicrbs.com.br
ad.clicrbs.com.br
6 assets.ad4m.at as.ad4m.at
6 identificacao.clicrbs.com.br nossa-loader.clicrbs.com.br
identificacao.clicrbs.com.br
6 www.google-analytics.com gauchazh.clicrbs.com.br
www.google-analytics.com
www.googletagmanager.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.google.com gauchazh.clicrbs.com.br
tpc.googlesyndication.com
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 sb.scorecardresearch.com 1 redirects cdn.taboola.com
gauchazh.clicrbs.com.br
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 www.gstatic.com news.google.com
www.gstatic.com
4 fonts.googleapis.com gauchazh.clicrbs.com.br
securepubads.g.doubleclick.net
cdnjs.cloudflare.com
client
3 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
gauchazh.clicrbs.com.br
3 trc.taboola.com cdn.taboola.com
gauchazh.clicrbs.com.br
3 l.getsitecontrol.com gauchazh.clicrbs.com.br
l.getsitecontrol.com
3 www.googletagmanager.com gauchazh.clicrbs.com.br
www.googletagmanager.com
2 m2.getsitecontrol.com
2 api.webgains.io analytics.webgains.io
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 ssl.hurra.com 1 redirects ads.eu.criteo.com
2 d5p.de17a.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 onetag-sys.com 1 redirects 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
2 ssbsync.smartadserver.com 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 www.googletagservices.com 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
2 imprammp.taboola.com gauchazh.clicrbs.com.br
2 www.google.de gauchazh.clicrbs.com.br
2 15.taboola.com cdn.taboola.com
2 events.getsitectrl.com s2.getsitecontrol.com
2 www.facebook.com gauchazh.clicrbs.com.br
2 tag.navdmp.com gauchazh.clicrbs.com.br
www.googletagmanager.com
2 connect.facebook.net gauchazh.clicrbs.com.br
connect.facebook.net
2 mab.chartbeat.com static.chartbeat.com
2 static.chartbeat.com gauchazh.clicrbs.com.br
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 static-de.ad4mat.net as.ad4m.at
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 s0.2mdn.net 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 tr.blismedia.com 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 prod-rtb.ad4mat.net gauchazh.clicrbs.com.br
1 ads.eu.criteo.com 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com gauchazh.clicrbs.com.br
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ib.adnxs.com ad.clicrbs.com.br
1 fastlane.rubiconproject.com ad.clicrbs.com.br
1 liverdgaupoa.rbsdirect.com.br gauchazh.clicrbs.com.br
1 cdn.navdmp.com tag.navdmp.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 ping.chartbeat.net gauchazh.clicrbs.com.br
1 mabping.chartbeat.net gauchazh.clicrbs.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 us-central1-metrics-prd.cloudfunctions.net ad.clicrbs.com.br
1 s2.getsitecontrol.com l.getsitecontrol.com
1 vars.hotjar.com static.hotjar.com
1 opi.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 script.hotjar.com static.hotjar.com
1 nossa-loader.clicrbs.com.br gauchazh.clicrbs.com.br
1 pagamento.clicrbs.com.br gauchazh.clicrbs.com.br
1 static.hotjar.com www.googletagmanager.com
1 cdn.privacytools.com.br gauchazh.clicrbs.com.br
1 flipzh.clicrbs.com.br gauchazh.clicrbs.com.br
295 93
Subject Issuer Validity Valid
*.clicrbs.com.br
Thawte RSA CA 2018		 2021-07-05 -
2022-07-13		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.rbsdirect.com.br
Thawte RSA CA 2018		 2022-02-07 -
2023-02-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-02 -
2022-10-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-25 -
2022-02-23		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2020-03-05 -
2022-05-04		 2 years crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.getsitectrl.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh

This page contains 18 frames:

Primary Page: https://gauchazh.clicrbs.com.br/
Frame ID: E53B9BAEB8AB2572AF056EAC20E8870C
Requests: 166 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: BE0F6758276706B923DE8C54253CFE45
Requests: 1 HTTP requests in this frame

Frame: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Frame ID: 4941E1AE1270A69F1FA224920A751046
Requests: 8 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Frame ID: 0A10A695EF4C6DBF0971588A41CC7898
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B55F16F43F413037241310626724&cicmp=1337627&cijs=1&dast=V7BIACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMJazRizGWkzIy02g81uslnsZpvZYjVabJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQBB0-nwue71OofrY3RYj3aN2emxXDx3jd9tl1j-cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiULiH3eeynB12kz8AAB4UQAAABDBCADZ5YEUAAAAARgAAAABIAAQSC0sAHO4WTQAAAv4GTEQzTgAAAA7qZJ62Wf7___9jAPLem2QAKNI2bgx6AB58AB6EAAAAPoZo607DC2Z7bokKSIsYAQAAAGQDXXYcTeqEyqLq____3wrgCgAg4G_ARJQm6-akmDUMAAAAYGyBHha_3-ywa_xul_3_________m_2fAaAJWY1epwHtXyuo8YxcK6z9AgIAsL0bAMCbAFzMAdgBAAAA3P3____nAQAAJO1Rsr1W49mjrPcZbOFzurvrN2GL0Woy2SyHs-ViMhiOhqPR_gRyOMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0xIOqc-l8Xp2PDbLYzWWjuWK1mEuWqwQAAAAAAAAAsIQp8yYAAAAAp0HMZpPdbsWNN3smiLVaLWsAAAAAbt3IAQ!&excid=22&tst=1&docw=0&cs=false
Frame ID: 3B4537B7EEE5834E812222B495CFB218
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=15BEA8911039519280388705257&cicmp=1337627&cijs=1&dast=V7Qu0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG7GasBjE5WIx2CxXi-Vkt1wtd6PFZLTYLGFiFovFaLhajcaaxWIxmsxWwykYbOFzurvbAIKm0-Fz3et1DtfH6LAe7Rqz02O5eO4av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMWhcA-7z2U5O-wmfwAAPCiAAAAIYIQAbPLAigAAAACMAAAAAJAACCQWlgA43C2aAAAE_A2YiGacAAAAHNTJPG2z_P___8cA5L03yQBQpG3cGPQAPPgAPAgBAAB8DIEXR9G4G89JERWsFjECAAAAyAa67Dia1AmVRdX___-_FcAVAEDA34CJaEzWzUkxaxgAAADA2AI9LH6_2WHX-N0u-_________83-z8DQBOyGr1OA9q_VlDjGblWWPsFBABgezcAgDcBuJgDsAMAAAC4-____88DAAAY26Nke63Gs0dZ7zPYwud0d9dvwhaj1WSyWQ5ny8VkMBwNR6P9CeRwgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaNFgshqNJovJcDWarGbLxW63QYpWrWajzWC4mk1mu91qOBguRyOcsMVoNZlslsPZcjEZDEfD0WiIB1Xn0vm8Oh8bZLGby0ZzxWoxlyxXCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
Frame ID: B7687AA70AC770A6669B609A709A00F6
Requests: 1 HTTP requests in this frame

Frame: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA2C180372F75219CFE3E9EA02E89DAE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37563C6ED90F78637BBAC08851203966
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 519EAF4C855DD1CE05F2AF7D60ADB1E8
Requests: 2 HTTP requests in this frame

Frame: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1C1DCB777856E4612640116C27239D9D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 2EA3036474F03E07CC332E55E1571D75
Requests: 15 HTTP requests in this frame

Frame: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 628718B01F00A273C43E92DFF6C2C820
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Frame ID: FCDD6401EFE15A27C9DE5AFADEB1CF84
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2987D32C884DD011385A7E06BDF4724
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jm8n46684wnngg2frpb8ssmtg2xtxdycgnz7m8tk2xcpkygbkp6eat65dfhkf412mty6zhxk0hdf7tqhvnhrjx5yrwrjyjjz6y3csbbq2t8p9yeyecv9n793nmcavc40kqtt5p0qy5vvh6gkkdrrdr4ms7tpb6vy4yrvjagfszqwhp4e685b25d4hkfnedm6y3b4q3phkedxtk9hd57anb7bx5fw1dzvaba97tx9z8g2gr6dk5yyzskc9pxjr3trpx1n22a98v398t955wq1ayks12vmb3e55vf3b2f4k0vwt8b36254kzhspemfaq3xtb87hpypa5292znxw2m1qjsdtq8jff0wv1v93a17qay7qcxkwf2cp9befqge7k29w6rjsdkjqaa2yve4s9rzdd23pphfj96nr076spe1qdkhf7phr4am&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%26client%3Dca-pub-5313162903174685%26adurl%3D
Frame ID: 5E38A785E4BAB38DCA9F7675607AA490
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54D0BC8CF05C1FBEF3547E3EC5564D6F
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DB48042D29AB11B4179AB9E4FEDF77B5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Frame ID: EDAAD7346F5DC81B10AA4ECC1FA0778E
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GZH - jornal digital com notícias, porto alegre, grêmio, inter, colunistas, jogos ao vivo e mais

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

295
Requests

94 %
HTTPS

52 %
IPv6

51
Domains

93
Subdomains

66
IPs

9
Countries

4793 kB
Transfer

14348 kB
Size

50
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1645025336886&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025336886&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
Request Chain 226
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDxi_Z7f5cYMW25vcIjJQqY&google_cver=1&google_push=AYg5qPJONkvFr9VEP-lKBoPIeMyHMrjUivdO9XxbkZ7LFrg7yBv5QNMWUoD7GGmgBnwrDPsufS1GumYwDQz6vwXwqBtWf7rcCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDxi_Z7f5cYMW25vcIjJQqY&google_push=AYg5qPJONkvFr9VEP-lKBoPIeMyHMrjUivdO9XxbkZ7LFrg7yBv5QNMWUoD7GGmgBnwrDPsufS1GumYwDQz6vwXwqBtWf7rcCg
Request Chain 228
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFOqvUFM5TQZeC2rhoUtP0k&google_cver=1&google_push=AYg5qPImsN_AKy4iPvlx9xCX6hlZ0kl2UxFrYwuY2siQHV8SSQP0B3Eqtiqa56HC3Eo-ChHVFsfevsJIESWXe9x6FiZTRbNlrpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUE0yUTItMUUtRU1MUw==&google_push=AYg5qPImsN_AKy4iPvlx9xCX6hlZ0kl2UxFrYwuY2siQHV8SSQP0B3Eqtiqa56HC3Eo-ChHVFsfevsJIESWXe9x6FiZTRbNlrpw
Request Chain 229
  • https://match.360yield.com/match/ebda?google_gid=CAESEFxfXEXbhT5HVrUwk0xToyo&google_cver=1&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFxfXEXbhT5HVrUwk0xToyo&google_cver=1&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c
Request Chain 230
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMXt0xc7Con7pZZTAJ-9r64&google_cver=1&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg&google_gid=CAESEMXt0xc7Con7pZZTAJ-9r64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1NTAzNDAwNTI0MzA1MzMzNTA5Nw%3D%3D&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg
Request Chain 232
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMYDO18E2oHHN6wEvpRpWRk&google_cver=1&google_push=AYg5qPJCChr44rULa_wmAAfHRhJgMHozmHpJRhkiBiKhY4JSeiGdXmmNfRw0EAltA8UkP7uzf279w9Mz_zNKx3CTa5pGsBuzfNEt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJCChr44rULa_wmAAfHRhJgMHozmHpJRhkiBiKhY4JSeiGdXmmNfRw0EAltA8UkP7uzf279w9Mz_zNKx3CTa5pGsBuzfNEt HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 234
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMzG6hHk_hzblRkxZ3FwatE&google_cver=1&google_push=AYg5qPKkv82EZUdCEiBXvQ0bkJLItweTixM7qu7x7-OEZPakKO9QVPICeJr9OgQ41JpUt2ni6B5On-cnE5HnQ2AzTt-rOOp4eQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzMTcyODYyODU4MjA1NDAwNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMzG6hHk_hzblRkxZ3FwatE&google_cver=1
Request Chain 235
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB_AWGoFyxIguV66AtcUpmU&google_cver=1&google_push=AYg5qPKVkgKRngQrJKU70fdnUOMvff-2M1SfEsBjYVRYqkxINKlJO_nhQNxKiTNNVAiDkGADFyfiwXMscBwTh1QggkFmgFbr6zg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKVkgKRngQrJKU70fdnUOMvff-2M1SfEsBjYVRYqkxINKlJO_nhQNxKiTNNVAiDkGADFyfiwXMscBwTh1QggkFmgFbr6zg
Request Chain 236
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEEiH3i2j-E43r3MNQqSb9bA&google_cver=1&google_push=AYg5qPJBBdJ1p4KiRsuVx-T5ZPqaMWQ2868W6eV0JgnaLiPBCtFbNi9oX6HhzqFyxFHwRrivTTaeFF5FMH13tuMeph03qWlHvw HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEEiH3i2j-E43r3MNQqSb9bA&google_cver=1&google_push=AYg5qPJBBdJ1p4KiRsuVx-T5ZPqaMWQ2868W6eV0JgnaLiPBCtFbNi9oX6HhzqFyxFHwRrivTTaeFF5FMH13tuMeph03qWlHvw&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=I8Ep64TZSlS9Q-_w--2vIg&gdpr=1&gdpr_consent=
Request Chain 237
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKyl7ql5yCzuA3RLdD14CIA&google_cver=1&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4Lhsk HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKyl7ql5yCzuA3RLdD14CIA&google_cver=1&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4Lhsk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4Lhsk
Request Chain 238
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC357tbLe3Yib0eqwuYyqdU&google_cver=1&google_push=AYg5qPL2pHiUOHJLhfqyGzbqbZBaowcQLLDoZ83ll6YRewyYTjzbSJ_gQkLrnWws92XWS1dw6TNXsxRW0_zJ-tyXDU2p3lyeuzA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL2pHiUOHJLhfqyGzbqbZBaowcQLLDoZ83ll6YRewyYTjzbSJ_gQkLrnWws92XWS1dw6TNXsxRW0_zJ-tyXDU2p3lyeuzA
Request Chain 248
  • https://ssl.hurra.com/pvs.gif?cid=4557&tid=24538 HTTP 302
  • https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538
Request Chain 285
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683
Request Chain 288
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022021616290064007992323X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth

295 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gauchazh.clicrbs.com.br/ 		671 KB
124 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
2a293b4997b6f3013484cdab78bd700bb2b5a6c40a1c8e0a449a8b2ac6798f60
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=120, stale-while-revalidate=86400, stale-if-error=86400
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-origin
*
access-control-allow-methods
*
access-control-max-age
3600
main.bcf9f0b27cb44e772f7f.min.css
gauchazh.clicrbs.com.br/static/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/main.bcf9f0b27cb44e772f7f.min.css
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
dc0ddd462a72d52805274508b2477314ba9df0c2eebd6a477a121ac681fcb831

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdvprUB4AXHOmgCUcVaauQOiSTIM7p1q0SbLffhrlwshyRYqn9f_Qv8EzQF7BHZeAXfNzIlS9eeHxbVCHpo-eHtpk2GbOw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 20 Dec 2021 13:40:41 GMT
server
UploadServer
etag
W/"211c5837b8c770cc34eb5c8491a2722b"
access-control-max-age
3600
x-goog-hash
crc32c=lFqGhg==, md5=IRxYN7jHcMw061yEkaJyKw==
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 20 Dec 2021 13:41:52 GMT
commons.a54cae8f055e6269138e.min.css
gauchazh.clicrbs.com.br/static/ 		222 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6aedbd5800ac3f78832844813990b17d15abcbc14e740e390aba7e50271ba250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtM9xVHpDO6aaUZDBo5qtlxylrqBKB67cZu_4bRk1t7DUusesb9WuiT9t9Vtjh5pnk-pCteyyMlDDUjJE1PU1zxZxFUng
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 09 Feb 2022 19:10:02 GMT
server
UploadServer
etag
W/"e5d2507fd57c8ed6267015081b2ea299"
access-control-max-age
3600
x-goog-hash
crc32c=R5YgnA==, md5=5dJQf9V8jtYmcBUIGy6imQ==
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 09 Feb 2022 19:10:34 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:34:47 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 02:25:43 GMT
server
nginx
age
3248
etag
W/"61e0df27-59c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
_Fmq892oeC-vRCGrIkijzub0YTiK_Ytc-ymeKWhUugy5L0_ea8w5Fw==
expires
Wed, 16 Feb 2022 16:34:47 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5043
date
Wed, 16 Feb 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 16:04:52 GMT
gtm.js
www.googletagmanager.com/ 		219 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd9c766ecaa3be73861e40cce25bbb8ee323e51a32640905b0a2af9bd5923962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70408
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 15:28:55 GMT
16449756858081_normal.jpg
flipzh.clicrbs.com.br/jornal-digital/files/flip/RBS/24146/up37/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flipzh.clicrbs.com.br/jornal-digital/files/flip/RBS/24146/up37/16449756858081_normal.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
189.76.157.100 , Brazil, ASN28357 (RBS ZERO HORA EDITORA JORNALISTICA, BR),
Reverse DNS
Software
nginx /
Resource Hash
52ab52b0b9bcb9e0486b46c547952e826bf6960fcbba7cdff8d792e1e284d6cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
last-modified
Wed, 16 Feb 2022 01:41:44 GMT
server
nginx
x-cache-status
HIT
strict-transport-security
max-age=63072000
content-type
image/jpeg
x-hosts
flpappprd05.rbs.com.br
cache-control
max-age=90000, private
accept-ranges
bytes
content-length
123055
expires
Thu, 17 Feb 2022 16:28:56 GMT
95005_cfebaec8c2d75b3.jpg
www.rbsdirect.com.br/filestore/5/0/0/5/9_52152e7a8b23ebb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/5/0/0/5/9_52152e7a8b23ebb/95005_cfebaec8c2d75b3.jpg?w=200&h=270
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
975ac5c49a920a7877668499bf696c9e8f26470a7d9493205a824b83f57f8042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
153431
x-cloud-trace-context
343235568e3e858ddb9d6d97630e2583;o=1
cache-control
public, max-age=2592000
function-execution-id
p9k3i4x1e66d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12019
expires
Wed, 16 Feb 2022 14:15:45 GMT
27473913.jpg
www.rbsdirect.com.br/imagesrc/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/27473913.jpg?w=200&h=270
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
624131598e832c386746d7c95eb44b87aa91abdcc9c3868201cc753b03e4c335

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
38501
x-cloud-trace-context
13dcc533d0e174bd602fbe779d5ac40f
cache-control
public, max-age=2592000
function-execution-id
5cokg1c5ruoa
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8512
expires
Sat, 12 Feb 2022 18:29:11 GMT
1039793_812e496085083c3.png
www.rbsdirect.com.br/filestore/3/9/7/9/3/0/1_ac2138fcb82ef36/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/3/9/7/9/3/0/1_ac2138fcb82ef36/1039793_812e496085083c3.png?w=30&h=30&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
a49c6db45854a11786964a1d1df051ccdf021097f05b242720cfea23782b2682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/png
x-original-image-size
108221
x-cloud-trace-context
6a25ddebebfa726a398ad295cae87e97
cache-control
public, max-age=2592000
function-execution-id
forcsojd4c53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1461
expires
Tue, 31 Aug 2021 16:31:56 GMT
verdors-r.f93486301627e2e0864d.min.js
gauchazh.clicrbs.com.br/static/ 		128 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/verdors-r.f93486301627e2e0864d.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
ee210c77ed7557695e2e2e30d3b6dd67ef4b87e04f47f2fadf2adb88641f2870

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsUc5cvmE5RnTJ7v0Lpubh1sC7CLT9whz2rDyKi7iwnNrEtWrNpfR1iYl3WDRVRF7XGUJcm79Cb9w0b3iv2LOE
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"18bfcc09541c6c0fc5a7f2ca55034063"
access-control-max-age
3600
x-goog-hash
crc32c=1TlGzQ==, md5=GL/MCVQcbA/Fp/LKVQNAYw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
verdors-a.dc4581bb20e0960111af.min.js
gauchazh.clicrbs.com.br/static/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/verdors-a.dc4581bb20e0960111af.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6d0cae948ba7b2ae4cf6123744dc1be2c19692879aa527a13c771b432aa18e2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycduFJfA8nA1ZxXjfJgqT_u9b_lH--55NV3q2rMs4Hp9tVUkKPl6DZ2lpbxl7vdFVbKFOz8XCBtcRt2q-o-ej7pbQM8EQuw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"b5777f5a7951afbb71d2253e981f732f"
access-control-max-age
3600
x-goog-hash
crc32c=TEHKbQ==, md5=tXd/WnlRr7tx0iU+mB9zLw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
verdors-rx.c814559b08d1b5f40cf6.min.js
gauchazh.clicrbs.com.br/static/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/verdors-rx.c814559b08d1b5f40cf6.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
02519f2ba07081abab568de34e18827f13648e69b65a0a741891bf945bae3705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtWg4Paeo2i_QCRn2kRZYgLWRq0sFGRDnI7mFZFFTdJl98HQ6cmR9rMGECFTiOO-MDh79Fdcr_mz2oIGqr1wdE
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"7cf4fe8d120c951d9aee6ed44651e24e"
access-control-max-age
3600
x-goog-hash
crc32c=PG5NJw==, md5=fPT+jRIMlR2a7m7URlHiTg==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
gauchazh.clicrbs.com.br/static/ 		177 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
051e78ff49e006565aa057c9ca589e78513468a892d7236136a69cc5808427e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdulk5kCkXh-ckgSVJFi0sZpRjur1O7pYGml5_LZk8X_oa8Ix5sgNHqwILJRuhyTonTv-ryowgdLYQXUbvHwt_c
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"9cb65618c14029e47ef7d1d907dfe937"
access-control-max-age
3600
x-goog-hash
crc32c=kBt4Ew==, md5=nLZWGMFAKeR+99HZB9/pNw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:14 GMT
main.0a0eb0c80e85925a8555.min.js
gauchazh.clicrbs.com.br/static/ 		248 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
312d7eb4c26fc423dca77839b887636055fd1aca5c4be355352f1a5c53e997b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdvDZGl2FqAY_ycxkGrEg5HQga9VMmTShszjFZ9Q5qb3VWVAUBaiEfGGlkayNsgfCFrqYr7a-AxhATe98t0bCBk
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 09 Feb 2022 19:10:07 GMT
server
UploadServer
etag
W/"311250141112a202f692022f6ea0543f"
access-control-max-age
3600
x-goog-hash
crc32c=XOkDng==, md5=MRJQFBESogL2kgIvbqBUPw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 09 Feb 2022 19:10:34 GMT
vendors-b2e867c67fc92aee6640d6a53241d181.f0277291dbfeb86baa45.min.js
gauchazh.clicrbs.com.br/static/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-b2e867c67fc92aee6640d6a53241d181.f0277291dbfeb86baa45.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
8a3be5c42a100f7deea011d1d5d80652f5f8bc26ba5fdbc12cb470f4ce69bd23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsitVgJi-gFN3VUlzHj7ELMlcDS8bexalBh296h1TsWDt0gjSusxqjRaDk-3Ad9AqyyKdIJwWcg8-kKJ_BIl1Q
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:30 GMT
server
UploadServer
etag
W/"a9dfd4c0d1a94aa88b13b3307f821b2c"
access-control-max-age
3600
x-goog-hash
crc32c=zktprQ==, md5=qd/UwNGpSqiLE7Mwf4IbLA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:55 GMT
vendors-230bf373063d538aa5c79e53551b5a5a.7e371db3868c9a4c4097.min.js
gauchazh.clicrbs.com.br/static/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-230bf373063d538aa5c79e53551b5a5a.7e371db3868c9a4c4097.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
b16a912d69dab19b2d1e21e13606ff7396983ab7f6337ddcda7c11059091b196

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdvrH8XIR4tLSTSQtpgl8j8eObacMRrDsr9Wu0g0stMiuk0JYF8KMNoBBykN0E25HO53vKyBdq3vqW46i2qDydY
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:29 GMT
server
UploadServer
etag
W/"9fa1371539bee1f83762809db4c07543"
access-control-max-age
3600
x-goog-hash
crc32c=4KjBPg==, md5=n6E3FTm+4fg3YoCdtMB1Qw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:55 GMT
vendors-0eb2b04b52945091efa61f27a7229882.a51b3007ed6a4c1b8c3c.min.js
gauchazh.clicrbs.com.br/static/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-0eb2b04b52945091efa61f27a7229882.a51b3007ed6a4c1b8c3c.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6d16d12a90867ed71e37a43f1c13e71a327fcca58f42df4776f1def56f8031ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdv_YRKr_2bcEeM3Gwzi6_MnNwvuEbsEPG2N9JAVKPN9H7jbFYBcN9qIWBPjPpfxRM8-odHY92rrqRQchWYnizw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:29 GMT
server
UploadServer
etag
W/"e1665e489734b6b0d72e3928bdb0259d"
access-control-max-age
3600
x-goog-hash
crc32c=3WMOkA==, md5=4WZeSJc0trDXLjkovbAlnQ==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:59:05 GMT
vendors-4762ca13858d2dcb39282aa38135db10.c6b7360f12fa540b0ce7.min.js
gauchazh.clicrbs.com.br/static/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-4762ca13858d2dcb39282aa38135db10.c6b7360f12fa540b0ce7.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
e235dfd21a3870110546f9be94ef0a05928c5cc62b73d356db1879abd2e8cfab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycduLj93H2nPjzqCU9PTw0ukjSttDefSBHNZ0AoOnn054ERag1eY4DcN_v8Ubx7AExfTigaHUgqSEuwuV_81NIc6N6EmdHg
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:30 GMT
server
UploadServer
etag
W/"7e80c3fce6b658c51841ccd9a8115748"
access-control-max-age
3600
x-goog-hash
crc32c=NDWM/Q==, md5=foDD/Oa2WMUYQczZqBFXSA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:59:05 GMT
commons.c752aecad3555e391264.min.js
gauchazh.clicrbs.com.br/static/ 		425 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/commons.c752aecad3555e391264.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
954fd4d2ed05350823d3b43782f7e4476fb25689819e4b5d5c5c790e38d9e1ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtnWgIbcoej89ABoQUE8yyjFJwpVCujsTdpcFCZYgdjgjtC1IIu8DOoCtFav8rq6047GS62Zq0_2Bto3jyEres
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 09 Feb 2022 19:10:02 GMT
server
UploadServer
etag
W/"284cce5abc13584c96e369e38215bdb9"
access-control-max-age
3600
x-goog-hash
crc32c=GI5iWw==, md5=KEzOWrwTWEyW42njghW9uQ==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 09 Feb 2022 19:10:34 GMT
pages-cover-main.56e2c7c8a3f2905df359.min.js
gauchazh.clicrbs.com.br/static/ 		801 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/pages-cover-main.56e2c7c8a3f2905df359.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
06b81e88db63cdeaaa646eff63a8b294f45989e4775c46f6e8e53af36147722d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtsSS7YFgc68pWwoE5rnuY_jLJKnk4xF7oSpEcsqR3hWjznbal0x0ZITFfPUapwu0W_74gz4zGZWJMvLGdqQi4
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:27 GMT
server
UploadServer
etag
W/"1bfff99293dd732c343abcc69fc4039f"
access-control-max-age
3600
x-goog-hash
crc32c=4N7Ylg==, md5=G//5kpPdcyw0OrzGn8QDnw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:59:06 GMT
9anW7121.js
cdn.privacytools.com.br/public_api/banner/script/ 		410 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/script/9anW7121.js?p=bottom&t=1597177411654
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60077ed37626dafb3e2ae60cc8463ca7190e378d25f47398adf0f966ac2cfaa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Feb 2022 04:37:43 GMT
server
cloudflare
age
1162273
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDIPNTM%2Bt%2Fppf3SHpTV6eN8PSVDEplqyENahi5jC4ceeHqY2oHEWGxRzuoo8GvrQMAEZTwpFFkOz37fq9KU7tFqvFU01XywJF5OL9uIFWmSFcfGOJfd6G44eHGylJKiQKGO9XDA9QSURDoOg1mUzYa6v8Z5V"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cache-control
public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6de7cefe5c455a31-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		40 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00893818e9dd84c02d708b6b88d85f34d855990f4f3d853df9d1257a6088840e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:28:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 15:28:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 15:28:55 GMT
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WLM7H6P&cid=477300590.1645025336
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
447c289dd7e2fa34ae74528c86a706ea96252f85fb9bc7b8e21873b0a560da64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35861
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 15:28:55 GMT
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ac8588ee6e33be668883f48a806efa162ca555058b822b262d4804890e6d5b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		191 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65a1459160b99d548b8239afbdf7a41ca91fe1e3ba247d1d565df31bea0d6533

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afa6b81f1bf984f4a5ea2e070bb58207b870de0001a8ca07d3f66be20be25f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1ec4e6bcbe16aa5d5528b53498c024d8e56c5040ad418906cbdd2a0bf37ab69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d69ff4665e0f752198eaf19b1385789539f11fd46cd069335f90082cfd58042

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		188 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3728dcae7f124057d95b29a59cc6b580e9dc78a45f5b76bee1f62f345bfeb69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4526aff82ef10df4085b45b7b95fa8f7173a81e86a7b4f1f2bdf0c3d08f66877

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
385470e1b0daa0a2a4c86aaa0a3c45f7a434a2b72772a257978be7c604d930db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
img/png
ad-background.png
gauchazh.clicrbs.com.br/static/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gauchazh.clicrbs.com.br/static/images/ad-background.png
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
be5efae6930f6ddbf7d7c112ca85838d02bf367a2a1d5c53202250c1e1476962

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/static/commons.a54cae8f055e6269138e.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
access-control-allow-methods
*
x-guploader-uploadid
ADPycdsR04kCleOrrnbTNXITCNQvdjnE54JQefCdU7rsvlzpoUr5tKbF44d4yTUxlZSGfXeuFYkYDv4XrIDbwz2wX4vIOBamlA
x-goog-storage-class
STANDARD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1878
last-modified
Mon, 25 Oct 2021 13:12:31 GMT
server
UploadServer
etag
"dec4d7473a3733d76ccce5099863a8af"
access-control-max-age
3600
x-goog-hash
crc32c=tMzRbA==, md5=3sTXRzo3M9dszOUJmGOorw==
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
expires
Mon, 25 Oct 2021 13:13:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
452453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
595957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:17:51 GMT
x-content-type-options
nosniff
age
439865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 13:17:51 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v22/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v22/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 06:02:38 GMT
x-content-type-options
nosniff
age
33978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:13:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Feb 2023 06:02:38 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:58:32 GMT
x-content-type-options
nosniff
age
595824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:58:32 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:29:12 GMT
x-content-type-options
nosniff
age
453584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:29:12 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Roboto+Slab:wght@300;400;700;800&family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 22:59:56 GMT
x-content-type-options
nosniff
age
318540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17540
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Feb 2023 22:59:56 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		1 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=clicrbs.com.br&domain=gauchazh.clicrbs.com.br&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8832feec5afafe3117d1fb90217f8fe7a16c03eb515f83582e043ee421d89fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
x-cache-hits
1
age
1552
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
570
x-served-by
cache-mxp6947-MXP
access-control-allow-origin
*
x-timer
S1645025336.257509,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 14 Feb 2022 15:03:04 GMT
hotjar-515419.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-515419.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash
44c87e5db4ef3e2fc23b77f8ef956311fe8571b23c700261f774613e78099021
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
46
etag
W/bc47ef8efd87c1e4c64dde16f9fbb80c
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
gQ2YOVQC_34Urn6GlIF5WqYTJO3reKZoJltOf_s_VlCvDkhhukRyEQ==
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
7nGg1Rf9YwQ/EpuS/XzHa5oYt1JM4Ey81eqvq5ygi8fAtm4jj7A5tnxjUKfm5oR/7GDIbHE4KA9v07BtDhiAIg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 16 Feb 2022 15:28:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
zem-metrics.min.js
ad.clicrbs.com.br/zm/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/zm/zem-metrics.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
51ad2898e51aeb4b3bb9a563d3c51f29bcd95d37be16d5e7d3d628fb89e0407f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtCTkyhgZXBLYrMsk7dvzs8gQ1rUouS2Ph2r1SUYKRntEjN11kXqiQ2Dh8itqsxNTOebXdj9lA9gDu755RxjX9ASuiQAQ
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 29 Jun 2021 13:00:13 GMT
server
UploadServer
etag
W/"fdcc54b7568cfbe13482c5ea3a73843c"
access-control-max-age
3600
x-goog-hash
crc32c=QnqF/w==, md5=/cxUt1aM++E0gsXqOnOEPA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 29 Jun 2021 13:01:41 GMT
loader.js
cdn.taboola.com/libtrc/rbs-network/ 		415 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/rbs-network/loader.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
915434fa63637faeed4ce9db4624f9d3a2e507f1c37b110e848c283c407cf33e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
zTP.tMGq47q7u_UE9exD0wuc4fNkpuAN
content-encoding
gzip
etag
"b724c6a72e3a689010e91bda3188e29b"
age
115
x-cache
HIT
content-length
34164
x-amz-id-2
NZ1rDnetRvWbkCxbnM/ZcQL0Mw0qsOIsIzbxV3H7u7ZIioa4dwGtSBJnnW1tkqF8HdqXoqDw3Hw=
x-served-by
cache-hhn4044-HHN
last-modified
Mon, 14 Feb 2022 13:36:34 GMT
server
AmazonS3
x-timer
S1645025336.436081,VS0,VE1
date
Wed, 16 Feb 2022 15:28:56 GMT
vary
Accept-Encoding
x-amz-request-id
DH8CVDY9XT9N7E28
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
90
x-cache-hits
1
tm23955.js
tag.navdmp.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm23955.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc519a71f76661cdeb01cb054c91a540510c14b29f3973a5da6d3a2655f583c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 10 Feb 2022 18:08:19 GMT
server
cloudflare
etag
W/"62055493-3f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6de7cf010e5f3742-MXP
content-type
application/javascript
expires
Wed, 16 Feb 2022 16:28:56 GMT
swg.js
news.google.com/swg/js/v1/ 		143 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45355
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 18:14:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:57:08 GMT
module-ads.min.js
ad.clicrbs.com.br/js/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/module-ads.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
dc930abe14ab06c49001c1ea8ad294e2d2e1145dedda720dfac54f8288640f56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
access-control-allow-methods
*
version
2
x-guploader-uploadid
ADPycduAV5V4Xw1-Hvp0kpA9YvnPTG27a3UJXyqtPB9rAX9gcNSlfSISXKh60FcRdHYnm9tpfqkPL4fVRs5XXc7K5JU
x-goog-storage-class
STANDARD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27393
last-modified
Wed, 17 Nov 2021 15:42:01 GMT
server
UploadServer
etag
"d160d86e501df7fab63d861aeb36268c"
access-control-max-age
3600
x-goog-hash
crc32c=s30yZg==, md5=0WDYblAd9/q2PYYa6zYmjA==
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
expires
Wed, 17 Nov 2021 15:42:47 GMT
apa-loader.js
pagamento.clicrbs.com.br/loader/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagamento.clicrbs.com.br/loader/apa-loader.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
395ddc9739ef87bbfd5a7684d16b8b684f0a8601b6d64b8d705502be1603c26a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 19:42:31 GMT
age
1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
content-length
20904
expires
Wed, 16 Feb 2022 15:33:56 GMT
nossa-loader.js
nossa-loader.clicrbs.com.br/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossa-loader.clicrbs.com.br/nossa-loader.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
ab6c2d2f7f2b318e51cbf51913cbc0f30a226a4df15eac7e1f8241a559930e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 18:44:45 GMT
x-timer
S1636398338.349015,VS0,VE1
etag
"43ea3097ded2c21b7ec982eb92be4572e19492badd4a0004326e45abb6bfd1a0"
x-served-by
cache-cgh11176-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
63557
x-cache-hits
1
vendors-912af0dff974604f1321254ca8ff38b6.2ec674b1c1b5fe8f6975.min.js
gauchazh.clicrbs.com.br/static/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/vendors-912af0dff974604f1321254ca8ff38b6.2ec674b1c1b5fe8f6975.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
369a9428fcda0514826cab6a50441b0fa67bb7618018fa72f07d991dac70b098

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsaxpls3KQO68OpjI1Hh2BJKvxahJOy4cU0knEaCnUzLqhG6wEtA30VgC0uL2XppCAcZZrHIGfgXS5LwYWaQ1A
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 07 Dec 2021 12:48:44 GMT
server
UploadServer
etag
W/"70c5d43b30fcb7d276bbfe75948c9293"
access-control-max-age
3600
x-goog-hash
crc32c=UoEJLg==, md5=cMXUOzD8t9J2u/51lIySkw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 07 Dec 2021 12:49:16 GMT
player.dfebc88b296e495e3336.min.css
gauchazh.clicrbs.com.br/static/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/player.dfebc88b296e495e3336.min.css
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
f2fa75fb3b2cdc2fbdd29c43a3010acd04e4af6be218651b9f151dbc44756edc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdtpiCu5LDAPacaABpuoIPz9DShnQWsW2KZAUYzbCuM_Q18q-Dlee-rqnjuWw1KI3AjyO3gc_dgnOFzlMFvbwz0
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:28 GMT
server
UploadServer
etag
W/"439f3515517cecd23b999ba5735855e9"
access-control-max-age
3600
x-goog-hash
crc32c=dog2Yg==, md5=Q581FVF87NI7mZulc1hV6Q==
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:57 GMT
player.3a0e3f71f0e51ec4199a.min.js
gauchazh.clicrbs.com.br/static/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/static/player.3a0e3f71f0e51ec4199a.min.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
54e399ff7252ace149b100e87451ff4031a94cfbd1cf80916d4b83da6f6014c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
vary
Accept-Encoding
x-guploader-uploadid
ADPycdv2IdeLBUl5Yv6xUgB7hoBDyRjhJu4RXPKg31W5K-lvlfKdKLXnmnDhp6XZroQ8ye8UDC9seWiA5u4MpWV_jPM
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 13 Dec 2021 18:58:28 GMT
server
UploadServer
etag
W/"b8028a9ca983485f242ed0ba4b0148db"
access-control-max-age
3600
x-goog-hash
crc32c=hT7DIQ==, md5=uAKKnKmDSF8kLtC6SwFI2w==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 13 Dec 2021 18:58:57 GMT
settings
gauchazh.clicrbs.com.br/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/settings
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
a17468d71dba20ea2c2dc495fe2ac92cc27d72d57fbbd46b81f2df5451880794
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-post
yes
etag
W/"5bc-ucLoU+xA9O2hLgqJtMcgQZ2ZF+w"
x-frame-options
DENY
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
pwpvk5wz.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/pwpvk5wz.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
c7606d2ad370439c7b03b3b8f4aed04c8861de171b0380be7fbc1c15ceadc129

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
Q9FTB30XQMG8CRDH
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/13/2022 10:55:34
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
fVbdwE+7jAGnAPJOHnr7f6gayYowM1veoR0FM1V1ENIN7sHFf+stl+kSvbWPGXGZdZRRfZuhanA=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 16:32:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"d651007a070c88cbb9122f128222fdb0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=86400
cdn-requestid
c8dcd12fce068aba51da808a7be7ae68
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
1949022_8c5cb683488784e.jpg
www.rbsdirect.com.br/filestore/2/2/0/9/4/9/1_0fc6eb5fc6eb714/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/2/2/0/9/4/9/1_0fc6eb5fc6eb714/1949022_8c5cb683488784e.jpg?w=575&h=385&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
0bd4472749669e4a3631a54111319546ceead544e0548d926cf9e4c7c98a8427

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
184701
x-cloud-trace-context
7a63d3543ab1d572f6e477801132ce5c
cache-control
public, max-age=2592000
function-execution-id
524tb2srbp6l
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72528
expires
Thu, 17 Feb 2022 13:32:46 GMT
1948898_c758cbaf81833a3.jpg
www.rbsdirect.com.br/filestore/8/9/8/8/4/9/1_1c7bcf71aa882b4/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/8/9/8/8/4/9/1_1c7bcf71aa882b4/1948898_c758cbaf81833a3.jpg?w=575&h=385&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
f731ff13de53f2bc7fd6c0fa5b530649db506b5544da9c5687b245c82217738f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
103548
x-cloud-trace-context
e7de40ddb3daed0c32f11b925d80e7f1;o=1
cache-control
public, max-age=2592000
function-execution-id
buvbibhkzpsk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42818
expires
Thu, 17 Feb 2022 13:16:09 GMT
1947754_d7bb0df40e29f8e.jpg
www.rbsdirect.com.br/filestore/4/5/7/7/4/9/1_4e54eb9f15e6f16/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/4/5/7/7/4/9/1_4e54eb9f15e6f16/1947754_d7bb0df40e29f8e.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
bb4e5a43c400ad8b5ed7a07da8897663f590de7f60065d5e828792179ba1b958

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
88405
x-cloud-trace-context
f5f94b7dd64e25c1bda9d67c9d785780
cache-control
public, max-age=2592000
function-execution-id
xpdkxznz9iky
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4414
expires
Thu, 17 Feb 2022 10:29:41 GMT
1948311_5c863ccb5f6dbef.jpg
www.rbsdirect.com.br/filestore/1/1/3/8/4/9/1_bc56d518ee6fed0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/1/1/3/8/4/9/1_bc56d518ee6fed0/1948311_5c863ccb5f6dbef.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
85974d7c5ae1b1a0f07bdcb88ff37a2893533248a12af5c40c0c6fcccbed06db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
146855
x-cloud-trace-context
71996eb1636bde4f07c125ef798d3b80
cache-control
public, max-age=2592000
function-execution-id
qh4xt8rw6irr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5321
expires
Thu, 17 Feb 2022 11:26:27 GMT
1939294_da71f4585e50904.jpg
www.rbsdirect.com.br/filestore/4/9/2/9/3/9/1_ba9fb68b52fd47d/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/4/9/2/9/3/9/1_ba9fb68b52fd47d/1939294_da71f4585e50904.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
d0bb2cfbc0632201ddefe3bb3cf02bdd82a1f1ce28d82ca2441022068638380c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
152100
x-cloud-trace-context
122cb1e678ce6f557fb20e8ad4eb43ae
cache-control
public, max-age=2592000
function-execution-id
xjvkfwpxu0jf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5266
expires
Thu, 17 Feb 2022 12:06:46 GMT
1573383_8db35f2bae350fc.jpg
www.rbsdirect.com.br/filestore/3/8/3/3/7/5/1_a78c68897d464c2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/filestore/3/8/3/3/7/5/1_a78c68897d464c2/1573383_8db35f2bae350fc.jpg?w=133&h=90&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
e454c728482f2ddb3feabc93952a28ccd255a6074c92343736342394c75f5bb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
101738
x-cloud-trace-context
9b5364b4909d98d93b9f75f9a128ed0b
cache-control
public, max-age=2592000
function-execution-id
powzq387uum5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4389
expires
Fri, 31 Dec 2021 12:41:39 GMT
25492927.jpg
www.rbsdirect.com.br/imagesrc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492927.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
c6eba37f3825056552db1ce605bbde19f590bc7cbeb091191bc428b1ac2ccc87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
175423
x-cloud-trace-context
2a5f83fc121114d3cba5915b4553c98e
cache-control
public, max-age=2592000
function-execution-id
5j9xt8kxz8oc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2586
expires
Thu, 13 Jan 2022 10:14:48 GMT
25492948.jpg
www.rbsdirect.com.br/imagesrc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492948.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
11db909f3d3d75732c94b52aef00d31ff69f9e00813c8f3b9d8bb9aa146e9d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
147331
x-cloud-trace-context
80c3341fd286c44946ad192a8ae91241;o=1
cache-control
public, max-age=2592000
function-execution-id
w7zhqzcq3ew5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2331
expires
Mon, 10 Jan 2022 22:23:31 GMT
25492944.jpg
www.rbsdirect.com.br/imagesrc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492944.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
36098142ee4abe732f1ce320ef294850b99cffaec5e5bd9369e6f30defd48181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
236688
x-cloud-trace-context
7365dec9aef687542ee12be1d661d84f;o=1
cache-control
public, max-age=2592000
function-execution-id
81bvoofhuf1o
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2608
expires
Thu, 27 Jan 2022 19:14:20 GMT
23689188.jpg
www.rbsdirect.com.br/imagesrc/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/23689188.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
7fea1533939a83fdd3078a70cd1e3de934f9f06652c5fcb1bf1846b3ef53056c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
62561
x-cloud-trace-context
356c7edf68136e7fc44680f272e1a34a;o=1
cache-control
public, max-age=2592000
function-execution-id
jz59srp9x498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5809
expires
Fri, 05 Nov 2021 13:28:07 GMT
25492903.jpg
www.rbsdirect.com.br/imagesrc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492903.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
8a3a9d32ad0cd9399475182d83800839c53c3a0945c24a1db0a8955522b16547

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
155621
x-cloud-trace-context
0d962ca18de646d91d3547ec0eac7920;o=1
cache-control
public, max-age=2592000
function-execution-id
j2e88zz6qk77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2407
expires
Mon, 07 Feb 2022 18:54:10 GMT
24774143.jpg
www.rbsdirect.com.br/imagesrc/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/24774143.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
2652e68706489e729834d94001be164ee8de2f9a7fbd7218a8215464381b174b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
67461
x-cloud-trace-context
d2120019f4f4fa2d831d85a63d2ccf76
cache-control
public, max-age=2592000
function-execution-id
dvy9icjxrir9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
expires
Fri, 31 Dec 2021 20:57:03 GMT
25492900.jpg
www.rbsdirect.com.br/imagesrc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbsdirect.com.br/imagesrc/25492900.jpg?w=100&h=100&a=c
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
Google Frontend / Express
Resource Hash
ebcf864a2018b4b0f21659ad83c84be23ede2c89453cf7baa9d3865a5d4b9382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
server
Google Frontend
x-ims
Enabled
x-powered-by
Express
vary
Accept, Accept-Encoding, x-custom-cache-key
content-type
image/jpeg
x-original-image-size
181268
x-cloud-trace-context
a4a61f8b127adc1b86a309dbe800f842
cache-control
public, max-age=2592000
function-execution-id
pfiyeiyibn25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2654
expires
Fri, 29 Oct 2021 20:54:27 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		1 KB
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=clicrbs.com.br&domain=gauchazh.clicrbs.com.br&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8832feec5afafe3117d1fb90217f8fe7a16c03eb515f83582e043ee421d89fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
x-cache-hits
2
age
1552
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
570
x-served-by
cache-mxp6947-MXP
access-control-allow-origin
*
x-timer
S1645025337.748581,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 14 Feb 2022 15:03:04 GMT
modules.855de5fca5328f4d913a.js
script.hotjar.com/ 		235 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.855de5fca5328f4d913a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-515419.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 17:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
511730
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62578
access-control-allow-origin
*
last-modified
Thu, 10 Feb 2022 17:19:42 GMT
etag
"6f96b4466f1ad2a1f9575d6ac84a137f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
xwdxYfwXFVYtbReZv_Cm1zyfkD4xuJYekG4p5HwHL1_b91q7NvXN6A==
usr
usr.navdmp.com/ 		77 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=23955&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b260e796280c1492fa23b750cdca467921aaa0382bd748a6e6104a14a36347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6de7cf031ac63742-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Wed, 16 Feb 2022 16:28:57 GMT
watson
opi.navdmp.com/ 		152 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://opi.navdmp.com/watson?&url=https://gauchazh.clicrbs.com.br/
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4d47df5f2bd23ed98af5a718234733be65fad15a188097a63a9cc4c1357cec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
6de7cf037b4f5a01-MXP
871225726343984
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/871225726343984?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e76d996ca804bfb66a6a142afe6189c9123966c3c2d82b4f9d36e93ab5313a4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
QbTXPtH5Y2k2Ed1Fchuz7chwz8+ghU8lLJO8iweAaZyalKK+5JOnKsM6UTjArsPlFkE3gOqq/k57/hRTf5fNbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Feb 2022 15:28:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:29:07 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:36:12 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 06:20:16 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
32921
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
ZOoqDGHYD0n0Yk6Nrf-6w9uv9bv4atTiTVdyedTfg18Cq98Wb3KUIA==
entitlements
news.google.com/swg/_/api/v1/publication/gauchazh.clicrbs.com.br/ 		2 B
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/gauchazh.clicrbs.com.br/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame BE0F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-515419.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-40.fra60.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
8u8AVuS_6j8XRysOJAJyrtzMGsTF2v9b_SxAGaTex2RseHIStLjrew==
age
1060610
/
identificacao.clicrbs.com.br/gzh/0/ Frame 4941 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Requested by
Host: nossa-loader.clicrbs.com.br
URL: https://nossa-loader.clicrbs.com.br/nossa-loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
0462e37a066b69587431280065cf9adfc4c18aba5392529fbba36c16889a64c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-type
text/html; charset=utf-8
content-length
1154
cache-control
max-age=3600
content-encoding
gzip
etag
"6cbf2b0bf930ccce6da4824b4dcbed46f9c9cbc752f575b5f268d6be1baa485d"
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-served-by
cache-cgh11172-CGH
x-cache
HIT
x-cache-hits
1
x-timer
S1636646378.994671,VS0,VE1
vary
x-fh-requested-host, accept-encoding
accept-ranges
bytes
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1645025336886&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025336886&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025336886&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
VAHC9ly67MKOZ6GkUb6PUXoSOQMX2U4hkV8Dp4pfbWjA-NG0H_Vdtw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 16 Feb 2022 15:28:56 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1645025336886&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
content-length
315
x-amz-cf-id
fy194l8_PSc89koeke30AaGmKny0X5uOLkwwt19piBsU7ZxrX7gqaw==
pwpvk5wz.json
l.getsitecontrol.com/ 		947 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/pwpvk5wz.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/pwpvk5wz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
83d3afbcbb951df99c98213246727083063e4735e16562379ba8bcc083113dca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
br
vary
Accept-Encoding
cdn-edgestorageid
756
x-amz-request-id
07MJJ6TVQ0FKKGG9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/11/2022 16:32:52
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
l07FjHg+9mVB/LyHZ+IUkD7RonBNRPb/aSIJGSob/S71TJZzGTAJ3GsVJQX88DDfVpDiSX/mb3I=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 16:32:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"39f3edb214f833d6d42bf98efc33a704"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
fe10c67ca74c7d96bc085f981b5d39eb
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=871225726343984&ev=PageView&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&rl=&if=false&ts=1645025336896&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1645025336895.2067078214&it=1645025336773&coo=false&rqm=GET
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 16 Feb 2022 15:28:56 GMT
pwpvk5wz.json
l.getsitecontrol.com/ 		947 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/pwpvk5wz.json
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/vendors-fad58de7366495db4650cfefac2fcd61.486208f33ca7adfd0198.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
83d3afbcbb951df99c98213246727083063e4735e16562379ba8bcc083113dca

Request headers

Accept
application/json, text/plain, */*
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
br
vary
Accept-Encoding
cdn-edgestorageid
756
x-amz-request-id
07MJJ6TVQ0FKKGG9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/11/2022 16:32:52
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
l07FjHg+9mVB/LyHZ+IUkD7RonBNRPb/aSIJGSob/S71TJZzGTAJ3GsVJQX88DDfVpDiSX/mb3I=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 11 Feb 2022 16:32:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"39f3edb214f833d6d42bf98efc33a704"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
9b0c76adf7e2a1f6b6b988b36a8c996b
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
graphql
gauchazh.clicrbs.com.br/ 		531 B
725 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/graphql
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/verdors-a.dc4581bb20e0960111af.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
fb1e80d37bd348157da29701377633ef2b99781853f872d7ddd6886fae82c6e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-post
yes
etag
W/"213-tRoIMImOv2rkD9p7ijYuhoPk1ZE"
x-frame-options
DENY
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
graphql
gauchazh.clicrbs.com.br/ 		18 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gauchazh.clicrbs.com.br/graphql
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/verdors-a.dc4581bb20e0960111af.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
e86edc1e75e885c59b0df44e8e10757847487c8ffd9d98b5ae79d04aa4570cc5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-post
yes
etag
W/"49fa-qfypcTlM9maoUpras0nlceimnLY"
x-frame-options
DENY
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3600
cache-control
public, max-age=60, stale-while-revalidate=86400, stale-if-error=86400
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 0A10 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
172d920cfc0057686039fd1068a7008a421a739104dd27c98aeb9bb6b22f0fa4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-M6d3Dru/BrqUi/BeJnigqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-M6d3Dru/BrqUi/BeJnigqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 16 Feb 2022 15:28:57 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-M6d3Dru/BrqUi/BeJnigqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-M6d3Dru/BrqUi/BeJnigqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 0A10 		0
22 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-SZ0Itd3EAWM7WGnpCW/69g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-SZ0Itd3EAWM7WGnpCW/69g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:57 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-SZ0Itd3EAWM7WGnpCW/69g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-SZ0Itd3EAWM7WGnpCW/69g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 0A10 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:29:07 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 0A10 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6771b47b18b9d6c3c553adfa4a75dab513047880500fb37d9814252e8b11c950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58044
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 16:59:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:02:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0A10 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=456951&publicationId=gauchazh.clicrbs.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options
nosniff
age
80536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 17:06:41 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1... Frame 0A10 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1.O/am=GAAg/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7Hw3OFlYAtb95kKLeHW8RELFYVFw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922d6b0274c900d518e815e45bf3e5a646f45ca92fdb3de5ac99aa0d02054b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13737
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 01:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:22:50 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1... Frame 0A10 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1.O/am=GAAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7Hw3OFlYAtb95kKLeHW8RELFYVFw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
629d5a24e044dd4039de4c45abce8c365013cbed5def0d8ead586c68d31d06d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 01:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:22:50 GMT
main.9e7c7a27.chunk.css
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/css/ Frame 4941 		66 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/css/main.9e7c7a27.chunk.css
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
59349af94fef6e16882ee1473345e998bd9c79ab2df27c26ad0faa9c1daf8969
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
x-timer
S1636646375.753609,VS0,VE1
etag
"638083b67126f5b377333f95ef7bc0c5ad5575e1af95ae361314da00cb2dd81e"
x-served-by
cache-cgh11158-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
11468
x-cache-hits
1
2.26c95da6.chunk.js
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/ Frame 4941 		529 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/2.26c95da6.chunk.js
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
24610698edf13a9595faaddb0be5e9f5c5163f72fb96035091a983be293313fc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 18:16:16 GMT
x-timer
S1630002099.118314,VS0,VE0
etag
"d747237a03837c7b04189a57347966a86ffd21aaa06dbee0af8c6998d1346c01"
x-served-by
cache-cgh11168-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
165620
x-cache-hits
2
main.97f0312d.chunk.js
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/ Frame 4941 		157 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/main.97f0312d.chunk.js
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
838b7351ffd6539bc4fd81958e31810222038748b89faa4de0bd00e8b2494da6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
x-timer
S1636646372.347742,VS0,VE1
etag
"b25fd9ba39f81a31e10a0bf42274ee28faa2eda8293512e557ca4f7a8bc7046c"
x-served-by
cache-cgh11172-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
39792
x-cache-hits
1
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 0A10 		460 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-479673480492685034&bl=boq_subscribewithgoogleclientserver_20220214.08_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=55738&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
471446ba6b63ba06cb277b373cf90df7f8b205fe79c375d0d2f8ad08114f58a8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1... Frame 0A10 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.v0lOH1rwK3o.L.B1.O/am=GAAg/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI7Hw3OFlYAtb95kKLeHW8RELFYVFw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4589e9be8fb2fe056439ef9a65adf444c3ca964227299f2753ddd1db3242023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 21:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7245
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 01:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:22:50 GMT
gtm.js
www.googletagmanager.com/ Frame 4941 		190 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL92Z5K&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58b9253d0d5a497e0914e931a50a4fcfddcb55ecced22b669c66cc5fae4190b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67240
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Feb 2022 15:28:57 GMT
zem-metrics.min.js
ad.clicrbs.com.br/zm/ Frame 4941 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/zm/zem-metrics.min.js
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/js/main.97f0312d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
51ad2898e51aeb4b3bb9a563d3c51f29bcd95d37be16d5e7d3d628fb89e0407f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtCTkyhgZXBLYrMsk7dvzs8gQ1rUouS2Ph2r1SUYKRntEjN11kXqiQ2Dh8itqsxNTOebXdj9lA9gDu755RxjX9ASuiQAQ
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Tue, 29 Jun 2021 13:00:13 GMT
server
UploadServer
etag
W/"fdcc54b7568cfbe13482c5ea3a73843c"
access-control-max-age
3600
x-goog-hash
crc32c=QnqF/w==, md5=/cxUt1aM++E0gsXqOnOEPA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Tue, 29 Jun 2021 13:01:41 GMT
log
play.google.com/ Frame 0A10 		131 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:28:57 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:28:57 GMT
cache-control
private
log
play.google.com/ Frame 0A10 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
log
play.google.com/ Frame 0A10 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:28:57 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:28:57 GMT
cache-control
private
log
play.google.com/ Frame 0A10 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:28:57 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:28:57 GMT
cache-control
private
runtime.d8fed6e.js
s2.getsitecontrol.com/widgets/es6/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.d8fed6e.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/pwpvk5wz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
90ab255dd831f5c019c791dc30f6c03be753cc6ad95534ca92bada2837a66618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
CPYDXPZHDP95HBX9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
02/02/2022 12:46:42
cdn-pullzone
83560
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
PRI6aodAEl9JMTCtqwZDKjaMJUu4FjEqmtwZkJdriAj1l6Ybq+0LcaBndh2RJnv6lPsgjA9b7Eg=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Wed, 02 Feb 2022 12:42:11 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"4cdb9e72e0e5317a13bb9f442d58d843"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=22809600
cdn-requestid
d4f346fbac17e3b375abe31b46d4f566
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
facebook.7401cba6.svg
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/ Frame 4941 		311 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/facebook.7401cba6.svg
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
dc1de07fa34f5a152c80eefde3566285b0aa80328478cb72dff5b67d7c18a07e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 18:16:16 GMT
x-timer
S1630002100.746835,VS0,VE1
etag
"54ac741b7182e2d7b5b951a149195aaa11f7cb3e7b286c211830db0fd63c2cf9"
x-served-by
cache-cgh11168-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
248
x-cache-hits
1
google.a33ad696.svg
identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/ Frame 4941 		861 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identificacao.clicrbs.com.br/identificacao-ipv6-prd/static/media/google.a33ad696.svg
Requested by
Host: identificacao.clicrbs.com.br
URL: https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
/
Resource Hash
5a88f85d0def284cbb3518e9df9462e4d4897401f7da3424e53216edeebda383
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identificacao.clicrbs.com.br/gzh/0/identifique-se?nossa-allow-metrics=false&full_referrer=https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 15:58:43 GMT
x-timer
S1636646379.601274,VS0,VE1
etag
"ff7e23ebaed1c8c4372ce65cc68d51d9242d6a6ee71c0e385f7bc9014ef2cc6e"
x-served-by
cache-cgh11145-CGH
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
content-length
481
x-cache-hits
1
ads-config-gauchazh.json
ad.clicrbs.com.br/json/ 		37 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/json/ads-config-gauchazh.json
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
6d44d02afbb548f22926b7382566b1ebb3dc908f95b9ba06e7657ec36361fed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtM1oRQpGQ-_6wfDlb9PkmsyKyOR1aCHsOZe9zq-9EGv1D0arBGp3shmNDoEoZB8grtT8lSLsCheOtFI180T-Dv182NQw
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 16 Feb 2022 14:43:54 GMT
server
UploadServer
etag
W/"6351c2377bb12eb76ad700007ee1858d"
access-control-max-age
3600
x-goog-hash
crc32c=8tlFHg==, md5=Y1HCN3uxLrdq1wAAfuGFjQ==
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 16 Feb 2022 14:48:57 GMT
b-pt-br-dk.svg
news.google.com/swg/js/v1/i18n/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.google.com/swg/js/v1/i18n/b-pt-br-dk.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-button.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52289797d7a998d98bf08962013ddb03c44e590ef423075542f1e729626839f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/swg/js/v1/swg-button.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4727
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 16:01:22 GMT
log
play.google.com/ Frame 0A10 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:28:57 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:28:57 GMT
cache-control
private
log
play.google.com/ Frame 0A10 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.gICe8oPiOvE.es5.O/am=GAAg/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6oYrFw7DhlWFBZwOUK5fTPYpssvg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 16 Feb 2022 15:28:57 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Feb 2022 15:28:57 GMT
cache-control
private
events
events.getsitectrl.com/api/v1/ 		524 B
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d8fed6e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-136-130.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
3487f66830d03416a2874df1d47b5183951665dd147ca1bce3e845d20e630bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
524
/
www.facebook.com/tr/ 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=871225726343984&ev=Microdata&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&rl=&if=false&ts=1645025337403&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais%22%2C%22meta%3Adescription%22%3A%22O%20jornal%20digital%20que%20te%20conecta%20com%20as%20not%C3%ADcias%20do%20RS%2C%20do%20mundo%20e%20do%20seu%20time.%20Tudo%20aqui%2C%20em%20GZH.%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22O%20jornal%20digital%20que%20te%20conecta%20com%20as%20not%C3%ADcias%20do%20RS%2C%20do%20mundo%20e%20do%20seu%20time.%20Tudo%20aqui%2C%20em%20GZH.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2Fstatic%2Fimages%2Fshare.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600%22%2C%22og%3Atitle%22%3A%22GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais%22%2C%22og%3Asite_name%22%3A%22GZH%22%2C%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22isAccessibleForFree%22%3Afalse%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2Fstatic%2Ficons%2Ffavicon-96x96.png%22%7D%2C%22name%22%3A%22GZH%22%7D%2C%22hasPart%22%3A%5B%7B%22%40type%22%3A%22WebPageElement%22%2C%22cssSelector%22%3A%22.m-paid-content%22%2C%22isAccessibleForFree%22%3Afalse%7D%5D%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22GZH%22%2C%22productID%22%3A%22gauchazh.clicrbs.com.br%3Amulti_offer%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.2.1645025336895.2067078214&it=1645025336773&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 16 Feb 2022 15:28:57 GMT
impl.20220209-5-RELEASE.js
cdn.taboola.com/libtrc/ 		617 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ni.XKnNDCYFnD0XKIPB7fzmdxGXZ7_Rh
content-encoding
br
etag
"47aba8dcefca4560e05ab437baae1ec9"
age
20437
x-cache
HIT
content-length
130247
x-amz-id-2
C4xoagvjSLMQSS56VFYFpwmCZYL2J9LxU/w4DbbnE3PRSAULQr5EoaWsziBWdpu1ediUTKZAKSc=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 09 Feb 2022 09:39:49 GMT
server
AmazonS3-br
x-timer
S1645025337.427088,VS0,VE0
date
Wed, 16 Feb 2022 15:28:57 GMT
vary
Accept-Encoding
x-amz-request-id
YZ6P6ZMR64YAZW31
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
82
x-cache-hits
16902
card-interference-detector.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d59040ad1ec39e643a31d375c395e40e427d7af21000be2fbdd9eac9dcd47b56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
AYMkGBuiCB3GQVOuPN3bR3qO8B2VchDJ
content-encoding
gzip
etag
"a36fa12fa9daf2f6ba6a51286bdd5fd2"
age
1704
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2178
x-amz-id-2
yFHCPRp8T+BdVRKvFW9A1e4AefcoIvAXBYFfiQuJvvWc7jqTfaj3+pguwbKberis8WD8S0NDj+w=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 16 Feb 2022 15:00:29 GMT
server
AmazonS3
x-timer
S1645025337.479819,VS0,VE0
date
Wed, 16 Feb 2022 15:28:57 GMT
vary
Accept-Encoding
x-amz-request-id
BF9N8QZEDCDAVYT6
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
872
json
trc.taboola.com/rbs-gauchazh/trc/3/ 		13 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/rbs-gauchazh/trc/3/json?tim=15%3A28%3A57.480&lti=deflated&data=%7B%22id%22%3A596%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1644845789853%2C%22vi%22%3A1645025337478%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fgauchazh.clicrbs.com.br%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9212%2C%22nsid%22%3A%22rbs-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22alternating-thumbnails-a-home%3Apub%3Drbs-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Right%20Rail%20Homepage%22%2C%22cd%22%3A3982.34375%2C%22mw%22%3A343%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CRight%20Rail%20Homepage%3Dalternating-thumbnails-a-home%3Apub%3Drbs-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c34d49b0ab2ba37107cb9aef0f4a47da501faeb4a7315d6aa1b47c80f57b329e

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
221
date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
server
nginx
x-timer
S1645025337.494083,VS0,VE221
x-served-by
cache-hhn4044-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://gauchazh.clicrbs.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
module-ads.google1.6.21.min.js
ad.clicrbs.com.br/js/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/module-ads.google1.6.21.min.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
2c9c81639ba7877372b0df3229f7a80feb08c51f1bd333f96b8eb73a9a037a72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdsQyhOHHDOvnsrJI5iV33bW3MYe8Wk6rBKbGf3h_AKxDUx0DwrOiXRrJlxZ_5OyWJP86vZAV_ANGy-dt2WkIYKR5nClrA
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Fri, 14 Jan 2022 12:26:40 GMT
server
UploadServer
etag
W/"a915146b77888de3f0e2ebc039686ff6"
access-control-max-age
3600
x-goog-hash
crc32c=2bEi4g==, md5=qRUUa3eIjePw4uvAOWhv9g==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Fri, 14 Jan 2022 12:30:02 GMT
module-ads.prebid1.3.3.min.js
ad.clicrbs.com.br/js/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/module-ads.prebid1.3.3.min.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
4bb6981f122b7913e0bbd004eb2cc0b6a681bcf520a7c30d4800d0b16df49abd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdtvh1PUzFnKyytIpfFAq4-jOS77c4EClc94vrMdpY5sJDuG5ddb5zP_IVUA-umuLGy0mWJsvTgH4G93izNxx0I
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Mon, 21 Jun 2021 15:06:37 GMT
server
UploadServer
etag
W/"74187e2bba185f64d88c77ee915c0240"
access-control-max-age
3600
x-goog-hash
crc32c=892Pgg==, md5=dBh+K7oYX2TYjHfukVwCQA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Mon, 19 Jul 2021 19:29:08 GMT
cta-component.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
fsqJbYRZH0Vk5MHWXlwXqsZ1s5LHOxkt
content-encoding
gzip
etag
"9849d7a808261a0a8eb56398b3b71925"
age
1704
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5020
x-amz-id-2
ccszxAZCEqwoNX5c4Fw3tAmXlhyBZ4pzNTSUnA/cTLyyBFWHupsOhhbPQwynpOlOBCEfiQa08uI=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 16 Feb 2022 15:00:29 GMT
server
AmazonS3
x-timer
S1645025338.759148,VS0,VE0
date
Wed, 16 Feb 2022 15:28:57 GMT
vary
Accept-Encoding
x-amz-request-id
BF9T7221R1SE4SXF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
1267
userx.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
P9_LYrfEY.Yh2nfVQAvBmtAIScK8Fh_v
content-encoding
gzip
etag
"61e315da9d36378bf5cee1884d4b1acb"
age
1759
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5396
x-amz-id-2
bIXYHO41yy2ptbIFzG6h+cYiJdFyMjNVvKnqhNlJJn+dtpcjdBOudsBR374D1x0XOnhP4FqDxw4=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 16 Feb 2022 14:59:35 GMT
server
AmazonS3
x-timer
S1645025338.759263,VS0,VE0
date
Wed, 16 Feb 2022 15:28:57 GMT
vary
Accept-Encoding
x-amz-request-id
N710C9MAQ62PZJ2H
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
866
distance-from-article.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d111500bf25634f687194ff4d0d56fdbf0408efbf5d3b7fbb5698a5427bda0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
4YMWkK_C6ft5aF.L0.kVansPWysF878i
content-encoding
gzip
etag
"985b3679263be8e68090502d42c0b343"
age
1706
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1003
x-amz-id-2
EjSGp22y7ipt1cMNx2U6nQPCIvM/NlOzas7wYTdBu6wujucizWIkxetciDi7FiGxqLUSVUbJIgc=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 16 Feb 2022 15:00:25 GMT
server
AmazonS3
x-timer
S1645025338.759332,VS0,VE0
date
Wed, 16 Feb 2022 15:28:57 GMT
vary
Accept-Encoding
x-amz-request-id
XG3WNDTYS29RX7T9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
746
article-detection.20220209-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20220209-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/rbs-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8223c715d6927d3966caef0d8ee78e4ee5be665e2c26c8d7226d68ea052445f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
ZsVF7DRgWjZjveI815HxrwNO0ULaJo00
content-encoding
gzip
etag
"c7dddf34530fc6e1ab95602fa7bfe77c"
age
1543
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1234
x-amz-id-2
bWEDS5ym+uH7aKXe9HqZoXYe3N1XAZ/DsSksbKQcMbuBCBGcscRw56cUKZcJxDAR6YL6yFwgZdk=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 16 Feb 2022 15:00:30 GMT
server
AmazonS3
x-timer
S1645025338.759421,VS0,VE0
date
Wed, 16 Feb 2022 15:28:57 GMT
vary
Accept-Encoding
x-amz-request-id
CV3SWVJJMZC3EME2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
663
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/static/main.0a0eb0c80e85925a8555.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:05:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 22:23:33 GMT
server
nginx
age
1394
etag
W/"61fc55e5-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
dGBdWXKJEb7gp79nA29f-CCEg_j4IzGI3uZZ0q1fymbUZM7jHTMHlQ==
expires
Wed, 16 Feb 2022 17:05:43 GMT
web_e
us-central1-metrics-prd.cloudfunctions.net/ 		43 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-metrics-prd.cloudfunctions.net/web_e
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/zm/zem-metrics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
server
Google Frontend
content-type
image/gif
access-control-allow-origin
https://clicrbs.com.br
x-cloud-trace-context
0e02e2d783b6618b6e2172dc407a4078
cache-control
public, max-age=43200
access-control-allow-credentials
true
function-execution-id
f0a981aqoohr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Thu, 17 Feb 2022 03:28:58 GMT
js
www.googletagmanager.com/gtag/ 		166 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BSW87XLWWR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71c2df2b80133a8cc8ddb77040ce8acd65e648540c509c596b11e434c1e92d84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63043
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:57 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1219844151&t=pageview&_s=1&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1141659057&gjid=415149473&cid=477300590.1645025336&tid=UA-3469445-1&_gid=1325982982.1645025336&_r=1&gtm=2wg290K8Q8R8N&cd12=&cd13=N%C3%A3o%20identificado&z=189958408
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5045
date
Wed, 16 Feb 2022 14:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Feb 2022 16:04:52 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 15:28:57 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 15204755FBB242F68011179CF106D292 Ref B: FRAEDGE1420 Ref C: 2022-02-16T15:28:57Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 06:20:16 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
32922
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
VF-eLzOf1_e9P_QovYhcmPf5IANY-PhjNv11ZDp3cDmJhGiPL01LlQ==
tm23955.js
tag.navdmp.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm23955.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8R8N
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc519a71f76661cdeb01cb054c91a540510c14b29f3973a5da6d3a2655f583c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Feb 2022 18:08:19 GMT
server
cloudflare
age
1
etag
W/"62055493-3f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6de7cf09ba893742-MXP
content-type
application/javascript
expires
Wed, 16 Feb 2022 16:28:56 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1219844151&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&ul=en-us&de=UTF-8&dt=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Assinantes%20-%20GZH&ea=N%C3%A3o%20identificado&el=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=477300590.1645025336&tid=UA-3469445-1&_gid=1325982982.1645025336&gtm=2wg290K8Q8R8N&cd12=&cd13=N%C3%A3o%20identificado&z=1579397378
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 10:55:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16395
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tbp
15.taboola.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
42613a36d0e91e9035438e3a8757076c4b4bb29fb41ce3547b782a8d44dffc6d

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
access-control-allow-origin
https://gauchazh.clicrbs.com.br
machineid
1444
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4044-HHN
pragma
no-cache
server
nginx
x-timer
S1645025338.887809,VS0,VE28
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
9adf2a98315baed83bd4692f1333a9e2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc0c653fc6616c9a804051df24255ac47ebdb98a5d32a1973844165dc0bcdc4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
4148340
edge-cache-tag
586919808178527439769263544249810208008,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
586919808178527439769263544249810208008,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
75
expiration
expiry-date="Mon, 10 Jan 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9adf2a98315baed83bd4692f1333a9e2.jpg
content-length
3468
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Fri, 10 Dec 2021 09:05:28 GMT
server
nginx
x-timer
S1645025338.888213,VS0,VE1
etag
"72135394c3addc1a8e9242fa489fda03"
x-served-by
cache-wdc5571-WDC, cache-iad-kjyo7100094-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
share.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gauchazh.clicrbs.com.br/static/images/ 		612 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gauchazh.clicrbs.com.br/static/images/share.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2be149f5e75208addf12839a437f423992d2964e9064305a2bdc73323daa49f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
2367371
edge-cache-tag
395612515767782709795148446319283160263,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
395612515767782709795148446319283160263,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
24
expiration
expiry-date="Sat, 12 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gauchazh.clicrbs.com.br/static/images/share.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
content-length
612
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 12 Jan 2022 08:14:06 GMT
server
nginx
x-timer
S1645025338.888140,VS0,VE1
etag
"9e233efb554e1f18de3143d2d7484db1"
x-served-by
cache-bwi5048-BWI, cache-iad-kjyo7100110-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1
a9ef3a397c66667e89252f11878b6505.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a9ef3a397c66667e89252f11878b6505.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bd1a6ed773a5ffd85d292aaf7c25c593686b1dc20baadaf69cb993e4b2ba6725

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
908092
edge-cache-tag
485038705070740944095279653345771261870,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
485038705070740944095279653345771261870,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
358
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a9ef3a397c66667e89252f11878b6505.jpg
content-length
3188
x-request-id
1014f4a100b8cc19da537720328d4d14
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 17 Jan 2022 07:21:04 GMT
server
nginx
x-timer
S1645025338.888006,VS0,VE1
etag
"60bab4203a7535cd0ac262d0dd28002a"
x-served-by
cache-bwi5057-BWI, cache-iad-kiad7000142-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1930175_e03c5ce6bbe2689.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/5/7/1/0/3/9/1_06854f3fe70caf8/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/5/7/1/0/3/9/1_06854f3fe70caf8/1930175_e03c5ce6bbe2689.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f12395a5212aa78d3d5044834abe91397c96a1c4458f5104cb00294a092f798

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
177305
edge-cache-tag
623346567894760936577960089761286090835,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
623346567894760936577960089761286090835,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
418
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/5/7/1/0/3/9/1_06854f3fe70caf8/1930175_e03c5ce6bbe2689.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
content-length
3286
x-request-id
7fbe2927b31e2a8704157dc63f054f89
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 14 Feb 2022 12:28:52 GMT
server
nginx
x-timer
S1645025338.888303,VS0,VE1
etag
"f7691309a09b77d2db59fdd3616d47ad"
x-served-by
cache-wdc5540-WDC, cache-iad-kcgs7200109-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dac132bbca53590d70e221bdd1630ae7e267f05466287a0ce5cc485f89d75a65

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
content-encoding
gzip
access-control-allow-origin
https://gauchazh.clicrbs.com.br
machineid
1451
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4044-HHN
pragma
no-cache
server
nginx
x-timer
S1645025338.888409,VS0,VE24
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
407ed4e53e2521b7f64be4494d30e8bc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/407ed4e53e2521b7f64be4494d30e8bc.png
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e8ee18a8cf05c580dc110620e5f3994a81a33aff4d43be390fd58495b535881

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
1048048
edge-cache-tag
391486141367942434071635263188890339825,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
391486141367942434071635263188890339825,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
99
expiration
expiry-date="Thu, 10 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/407ed4e53e2521b7f64be4494d30e8bc.png
content-length
1836
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 10 Jan 2022 08:37:23 GMT
server
nginx
x-timer
S1645025338.889157,VS0,VE1
etag
"f4b11bd7d9c01bee68279ba5c4138cbe"
x-served-by
cache-dca17761-DCA, cache-iad-kjyo7100028-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
5afdaab7dc6337f49602f0b1723713d0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5afdaab7dc6337f49602f0b1723713d0.jpg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e0d9cf679678eecc2d314b615250487a15ebc687feb153bc2122d493e079e50d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
1048044
edge-cache-tag
574184376177645392635613826169606246941,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
574184376177645392635613826169606246941,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
130
expiration
expiry-date="Fri, 25 Feb 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5afdaab7dc6337f49602f0b1723713d0.jpg
content-length
5834
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 25 Jan 2022 17:21:25 GMT
server
nginx
x-timer
S1645025338.889294,VS0,VE89
etag
"231b22528a198e7eb0188805d9856f2c"
x-served-by
cache-dca17731-DCA, cache-iad-kcgs7200082-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
1261170_cd766493e44f8e4.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/0/7/1/1/6/2/1_86ead9077c41b9e/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/0/7/1/1/6/2/1_86ead9077c41b9e/1261170_cd766493e44f8e4.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2cdd9a029657813adbdf476b57659401957540cfd21b6b46baf245db601eb1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish, 1.1 varnish
age
319580
edge-cache-tag
384911579736355133600816470262681141759,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
cache-tag
384911579736355133600816470262681141759,324797993976713913133880255001903442353,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
360
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_80%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.rbsdirect.com.br/filestore/0/7/1/1/6/2/1_86ead9077c41b9e/1261170_cd766493e44f8e4.jpg%3Fw%3D1200%26h%3D630%26a%3Dc%26version%3D1575255600
content-length
1630
x-request-id
5bc069a0359ebcf4956ba3bd4212d5af
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 12 Feb 2022 22:12:20 GMT
server
nginx
x-timer
S1645025338.904659,VS0,VE1
etag
"e75b3c6f3156db03c9af6721f3d46c58"
x-served-by
cache-wdc5579-WDC, cache-iad-kiad7000113-IAD, cache-hhn4044-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3469445-1&cid=477300590.1645025336&jid=1141659057&gjid=415149473&_gid=1325982982.1645025336&_u=aGDAAEACQAAAAC~&z=1853187685
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Feb 2022 15:28:57 GMT
content-type
text/plain
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=7279431&ns__t=1645025337905&ns_c=UTF-8&cv=3.5&c8=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&c7=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&c9=
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
BqFUxBQqg_2w3bTwRmsEbe342vrZw4faq5wXF5rv4pM0il6Laj3cNw==
x-cache
Miss from cloudfront
supply-feature
trc.taboola.com/rbs-gauchazh/log/3/ 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/rbs-gauchazh/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=b5254d5f192ced4a42e68662857ea80b&sd=v2_2570153973a2db8553ccd3fc021fa263_200c64e1-0124-4196-bf2a-e9c4b875781b-tuct9069db9_1645025337_1645025337_CIi3jgYQ8OVMGIbBmpnwLyABKAEwODib4wlAh4oQSKGt2QNQoewQWABgAGjGot3Fm8C5-osBcAA&ui=200c64e1-0124-4196-bf2a-e9c4b875781b-tuct9069db9&pi=/&wi=-4465994688655033163&pt=home&vi=1645025337478&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A498.390625%2C%5C%22articleClasses%5C%22%3A%5C%22gzh-content%20fade-in%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22450%5C%22%7D%22%7D&tim=15%3A28%3A57.925&id=6501&llvl=2&cv=20220209-5-RELEASE&
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1645025338.930782,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=clicrbs.com.br&p=%2F&d=gauchazh.clicrbs.com.br&u=CPKKqLb-FHUD0RBrP&c=0&me=3&ml=m&x=M7tMgSb5sj4f1
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.74.135 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-74-135.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=clicrbs.com.br&p=%2F&u=CPKKqLb-FHUD0RBrP&d=gauchazh.clicrbs.com.br&g=56047&g0=gauchazh.clicrbs%2C%20gauchazh-capa&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9227&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2759&t=O8LW_DwXJgGrUuYpBKREVyCEfDPQ&V=129&i=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&tz=0&_acct=anon&sn=1&sv=BsUHNJC2fuVVBWsq4uyM8HhI3218&sd=1&im=060b2f3f&_
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.215.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-215-174.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BSW87XLWWR&gtm=2oe290&_p=1219844151&sr=1600x1200&ul=en-us&cid=477300590.1645025336&_s=1&dl=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&dt=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&sid=1645025337&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BSW87XLWWR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:57 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront), 1.1 varnish
age
1179329
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn4044-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1645025338.986773,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
weURnwUwOHgFt6bTo3Iz_wVjW8GmAzFabBY2qdh0wOmhvZi_Ab2wtQ==
x-cache-hits
8627
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3469445-1&cid=477300590.1645025336&jid=1141659057&_u=aGDAAEACQAAAAC~&z=536674514
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3469445-1&cid=477300590.1645025336&jid=1141659057&_u=aGDAAEACQAAAAC~&z=536674514
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/985330866/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985330866/?random=1645025337993&cv=9&fst=1645025337993&num=1&label=unn4CJiboJQBELLp69UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tiba=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d17b91dbf21a1fb94a18b00083e5a233a69dca22a0568d98153f3a2c00d539bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1136
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid6.11.0.min.js
ad.clicrbs.com.br/js/ 		215 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.clicrbs.com.br/js/prebid6.11.0.min.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.prebid1.3.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
UploadServer /
Resource Hash
36b8d7c1c0f7498119dcba5a42fc5b0002df4ec86e6f06e87dd4b06301578458

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
vary
Accept-Encoding
version
2
x-guploader-uploadid
ADPycdszaqkbgPwLcHNHi1PuRAYOx9ThSdc8zINjHZ3XzHFRZWm3iDLsUc1XvnSVoVjtaFc31fpTfMvEpqVWYbCvDT8
x-goog-storage-class
STANDARD
access-control-allow-methods
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Wed, 16 Feb 2022 13:21:41 GMT
server
UploadServer
etag
W/"86a2fef577405cbbfa951f2624a9e0fb"
access-control-max-age
3600
x-goog-hash
crc32c=jHRiRQ==, md5=hqL+9XdAXLv6lR8mJKng+w==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
expires
Wed, 16 Feb 2022 14:49:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/module-ads.google1.6.21.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
c602946d83dd7c064e03166e8e902b6ae2b8c3428747b0ceb8d6cfde0a01a391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27360
x-xss-protection
0
server
sffe
etag
"1133 / 97 of 1000 / last-modified: 1645013085"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Feb 2022 15:28:58 GMT
25039324.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25039324.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:28:57 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E384B0137A34B159880B0BED2413C84 Ref B: FRAEDGE1420 Ref C: 2022-02-16T15:28:58Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25039324&tm=gtm002&Ver=2&mid=693a8c15-b35d-4892-be25-75a5fd135476&sid=28b076308f3d11ecbdd37da603d1439e&vid=28b0aaa08f3d11eca14ff1f8a1207322&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias,%20porto%20alegre,%20gr%C3%AAmio,%20inter,%20colunistas,%20jogos%20ao%20vivo%20e%20mais&p=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&r=&lt=908&evt=pageLoad&msclkid=N&sv=1&rn=763463
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 70EC0BAD7BB748BFA2AE42B47BEE210E Ref B: FRAEDGE1420 Ref C: 2022-02-16T15:28:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprammp.taboola.com/ Frame 3B45 		0
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B55F16F43F413037241310626724&cicmp=1337627&cijs=1&dast=V7BIACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMJazRizGWkzIy02g81uslnsZpvZYjVabJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQBB0-nwue71OofrY3RYj3aN2emxXDx3jd9tl1j-cgAAAAB4ACBqiYbY8W1ojwAAAACQ4Bm5VqAIqPi3ELgAAAAAwAAgEAvXAIDiULiH3eeynB12kz8AAB4UQAAABDBCADZ5YEUAAAAARgAAAABIAAQSC0sAHO4WTQAAAv4GTEQzTgAAAA7qZJ62Wf7___9jAPLem2QAKNI2bgx6AB58AB6EAAAAPoZo607DC2Z7bokKSIsYAQAAAGQDXXYcTeqEyqLq____3wrgCgAg4G_ARJQm6-akmDUMAAAAYGyBHha_3-ywa_xul_3_________m_2fAaAJWY1epwHtXyuo8YxcK6z9AgIAsL0bAMCbAFzMAdgBAAAA3P3____nAQAAJO1Rsr1W49mjrPcZbOFzurvrN2GL0Woy2SyHs-ViMhiOhqPR_gRyOMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0xIOqc-l8Xp2PDbLYzWWjuWK1mEuWqwQAAAAAAAAAsIQp8yYAAAAAp0HMZpPdbsWNN3smiLVaLWsAAAAAbt3IAQ!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 varnish
x-served-by
cache-hhn4044-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1645025338.019454,VS0,VE18
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 		604 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 varnish
age
2173721
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
0nGhQyYL6JJMNrNtgN9DZ54Xe47FlcMytbRNYowkLHISIE+ayuuCG0l+V0ZSZ+siOhY7wKkivBg=
x-served-by
cache-hhn4044-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1645025338.018640,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1BJTM91JQABF5B1D
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
6752
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 varnish
age
2174554
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
DorYSe3tYgOl1kHh+s4QSJZ4EV7e6QatR1h0Kst7losPnxWoI5OXRUDbs44/HPvWpI9TzqPsi28=
x-served-by
cache-hhn4044-HHN
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1645025338.019342,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
QF5WB9J15028EQTS
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
6395
st
imprammp.taboola.com/ Frame B768 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=15BEA8911039519280388705257&cicmp=1337627&cijs=1&dast=V7Qu0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG7GasBjE5WIx2CxXi-Vkt1wtd6PFZLTYLGFiFovFaLhajcaaxWIxmsxWwykYbOFzurvbAIKm0-Fz3et1DtfH6LAe7Rqz02O5eO4av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BAMWhcA-7z2U5O-wmfwAAPCiAAAAIYIQAbPLAigAAAACMAAAAAJAACCQWlgA43C2aAAAE_A2YiGacAAAAHNTJPG2z_P___8cA5L03yQBQpG3cGPQAPPgAPAgBAAB8DIEXR9G4G89JERWsFjECAAAAyAa67Dia1AmVRdX___-_FcAVAEDA34CJaEzWzUkxaxgAAADA2AI9LH6_2WHX-N0u-_________83-z8DQBOyGr1OA9q_VlDjGblWWPsFBABgezcAgDcBuJgDsAMAAAC4-____88DAAAY26Nke63Gs0dZ7zPYwud0d9dvwhaj1WSyWQ5ny8VkMBwNR6P9CeRwgBMxWC4nk8VktxqtRpvhbjQbLFAgBhOkaNFgshqNJovJcDWarGbLxW63QYpWrWajzWC4mk1mu91qOBguRyOcsMVoNZlslsPZcjEZDEfD0WiIB1Xn0vm8Oh8bZLGby0ZzxWoxlyxXCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 varnish
x-served-by
cache-hhn4044-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1645025338.020551,VS0,VE35
content-length
0
req
cdn.navdmp.com/ 		6 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=103c6983029b7625b976578d1c10&acc=23955&url=https%3A//gauchazh.clicrbs.com.br/&tit=GZH%20-%20jornal%20digital%20com%20not%EDcias%2C%20porto%20alegre%2C%20gr%EAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&h1=FOTOS%3A%20veja%20imagens%20da%20enxurrada%20que%20causou%20deslizamentos%20e%20dezenas%20de%20mortes%20em%20Petr%F3polis%A0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6de7cf0b0d7f3742-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age
522028
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1645025338.116564,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
0O7z6VW9AL1L88cf_kIuoP_A5jN71DAJkA3vm2xv6yILK0B1A5FTlg==
x-cache-hits
7104
/
www.google.com/pagead/1p-user-list/985330866/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/985330866/?random=1645025337993&cv=9&fst=1645023600000&num=1&label=unn4CJiboJQBELLp69UD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tiba=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&async=1&fmt=3&is_vtc=1&random=1721502913&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/985330866/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/985330866/?random=1645025337993&cv=9&fst=1645023600000&num=1&label=unn4CJiboJQBELLp69UD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tiba=GZH%20-%20jornal%20digital%20com%20not%C3%ADcias%2C%20porto%20alegre%2C%20gr%C3%AAmio%2C%20inter%2C%20colunistas%2C%20jogos%20ao%20vivo%20e%20mais&async=1&fmt=3&is_vtc=1&random=1721502913&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022021001.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 14:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122668
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 09:35:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Feb 2023 14:50:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		244 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gauchazh.clicrbs.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
12a8acbea80254ddfe9586aff910d6a6c67aabd7e29af4c39194cc82bcf4a2c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143
x-xss-protection
0
expires
Wed, 16 Feb 2022 15:28:58 GMT
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
1518805
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4044-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1645025338.222931,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
16053
playlist.m3u8
liverdgaupoa.rbsdirect.com.br/primary/gaucha_rbs.sdp/ 		109 B
222 B 		Media
General
Check archive.org
Download Go to
Full URL
https://liverdgaupoa.rbsdirect.com.br/primary/gaucha_rbs.sdp/playlist.m3u8
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.138 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-195-181-174-138.datapacket.com
Software
nginx /
Resource Hash
e34c0e31ee3f8177320cab8ca9ffe631240bec0e86a64e2c37af8ccc7eef2335

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:28:58 GMT
cache-control
no-cache
server
nginx
content-type
application/vnd.apple.mpegurl
ouaykopohidvhwmew1gp.mp4
cdn.taboola.com/libtrc/static/video/v1635496243/ 		351 KB
352 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1635496243/ouaykopohidvhwmew1gp.mp4
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4a8e9886c01a5f3d4174d6ed6eaf8d429059f0a5bd9a64f3796d445ee312c7d

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
TREDgmZi.mMQ4hnHJXc3gxv3CQfxPERp
via
1.1 varnish
etag
"1dd4db87e200d8b35fe8f90753e33c24"
age
98
x-cache
HIT
Content-Range
bytes 0-359817/359818
x-amz-replication-status
COMPLETED
Content-Length
359818
x-amz-id-2
8Uhbc2un9EUnE0zojOinaejcrxNoyRbAgMC7Ut6eBOHTnTqR2oV2X/kZnYOE2C7yUZXjgBG1IqE=
x-served-by
cache-hhn4044-HHN
last-modified
Fri, 29 Oct 2021 08:30:49 GMT
server
AmazonS3
x-timer
S1645025338.279096,VS0,VE1
date
Wed, 16 Feb 2022 15:28:58 GMT
x-amz-request-id
PSZQA0T5NM19WP20
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
82
x-cache-hits
0
bjn9tq6h1jzq1mg3b6ir.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619003729/ 		321 KB
321 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619003729/bjn9tq6h1jzq1mg3b6ir.mp4
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c83f18642863842ab20430cb64f533b5f341ef61f4ebdc83d7b333e1762399b

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Ql9raS7eCY2Zi5yxBXSa2_UM4Sci_j9u
via
1.1 varnish
etag
"091599193e7f107c6a275aa554adaa5d"
age
112
x-cache
HIT
Content-Range
bytes 0-328542/328543
x-amz-replication-status
COMPLETED
Content-Length
328543
x-amz-id-2
1bnDlWrFZyXYe0kv2vCA2Xo1kOswqrsQd1HtWdG2oDOUkYK8ZTF2NWdbA828bklxWXRNgi5rZr4=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 21 Apr 2021 11:15:38 GMT
server
AmazonS3
x-timer
S1645025338.282202,VS0,VE1
date
Wed, 16 Feb 2022 15:28:58 GMT
x-amz-request-id
GGJP58SRKQRN6RHN
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
82
x-cache-hits
0
b280515e-a06a-4d80-92a1-4ef68ff22495
https://gauchazh.clicrbs.com.br/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://gauchazh.clicrbs.com.br/b280515e-a06a-4d80-92a1-4ef68ff22495
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
8a9a37e9-955d-4bda-b271-4af345b31e35
https://gauchazh.clicrbs.com.br/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://gauchazh.clicrbs.com.br/8a9a37e9-955d-4bda-b271-4af345b31e35
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
fastlane.json
fastlane.rubiconproject.com/a/api/ 		592 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13786&site_id=65062&zone_id=791082&size_id=2%3B15%3B15%3B15&alt_size_ids=55%2C57%2C221%3B16%3B16%3B10%2C16&rf=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&tk_flint=pbjs_lite_v6.11.0&x_source.tid=87882725-2cb9-4df9-b2e1-5f34d3660631%3B318eda93-c511-4c02-a205-884eed43ba10%3B9ce496cf-1fc7-4634-be16-6910b58fd372%3B369c0646-9a4c-4083-9512-647c76fab79b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.34247414513239005
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/prebid6.11.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
50a6332e86b975cebf7d5c3f5afded31b8a6057debaac3cc69e2123e8deddfef

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:28:58 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://gauchazh.clicrbs.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
592
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		505 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ad.clicrbs.com.br
URL: https://ad.clicrbs.com.br/js/prebid6.11.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0ce0518aa19606ec184dfc3c775409d29a364bf969126c255ec9c8398750920b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:28:58 GMT
X-Proxy-Origin
217.64.151.29; 217.64.151.29; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e2aea71d-462c-429e-9e8b-19d082cb015c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gauchazh.clicrbs.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
505
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=gauchazh.clicrbs.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gauchazh.clicrbs.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		547 KB
69 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1420803714952954&correlator=1243912614094411&output=ldjh&eid=31061814%2C44757101%2C31064868&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=21766049037%2CGauchaZH%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C300x250%7C336x280%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C320x50%2C320x50%2C300x250%7C336x280%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C300x250%7C336x280%7C300x700%7C300x600%2C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C1200x400%7C1200x250%7C1200x150%7C970x250%7C970x90%7C949x90%7C728x90%7C1x1%2C120x38%2C120x38&fluid=0%2C0%2C0%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=FORMATOS%3DHORIZONTAL%25201%26REFRESH%3Dtrue%7CFORMATOS%3DBLOCO%25201%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25202%26REFRESH%3Dtrue%7CFORMATOS%3DNATIVO%25201%26REFRESH%3Dtrue%7CFORMATOS%3DNATIVO%25202%26REFRESH%3Dtrue%7CFORMATOS%3DBLOCO%25202%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25203%26REFRESH%3Dtrue%7CFORMATOS%3DBLOCO%25203%26REFRESH%3Dtrue%7CFORMATOS%3DHORIZONTAL%25204%26REFRESH%3Dtrue%7CFORMATOS%3DPARALLAX%26REFRESH%3Dtrue%7CFORMATOS%3DLISTA%25201%26REFRESH%3Dtrue%7CFORMATOS%3DLISTA%25202%26REFRESH%3Dtrue&eri=1&cust_params=ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26nvg_opiint%3D102%26nvg_opiinc%3D13%26nvg_opione%3D46%26nvg_sentim%3D2698%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26logged%3Dfalse%26assinante%3Dfalse&cookie_enabled=1&bc=31&abxe=1&dt=1645025338554&lmt=1645025338&dlt=1645025335853&idt=2432&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C1063%2C200%2C666%2C666%2C1063%2C200%2C988%2C200%2C200%2C814%2C439&adys=257%2C559%2C1613%2C2322%2C3057%2C1932%2C5075%2C7539%2C6032%2C3517%2C3997%2C3997&adks=2964830580%2C1224838769%2C2849293477%2C3257275126%2C2389341144%2C892145560%2C4069479754%2C2228749829%2C2353039560%2C3649228102%2C3243859688%2C4137030131&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgauchazh.clicrbs.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=1200x254%7C343x254%7C1200x254%7C343x1%7C343x0%7C343x254%7C1200x254%7C343x254%7C1200x254%7C1600x400%7C120x50%7C120x50&msz=1200x0%7C343x0%7C1200x0%7C343x0%7C343x0%7C343x0%7C1200x0%7C343x0%7C1200x0%7C1600x0%7C120x0%7C120x0&ga_vid=477300590.1645025336&ga_sid=1645025339&ga_hid=1219844151&ga_fc=true&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1200%2C1200%2C1200%2C1200%2C1200%2C1200%2C1200%2C1200%2C1600%2C1200%2C1200&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2d0570f47c542a750b024f55ba0efc25b31fde34ec359d5dfaf5fd99cd170651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70559
x-xss-protection
0
google-lineitem-id
-1,-1,-1,5924082617,-1,5893506159,-1,5906860239,-1,-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138381167963,-1,138376085076,-1,138380885242,-1,-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gauchazh.clicrbs.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA2C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 16 Feb 2022 15:28:58 GMT
expires
Thu, 16 Feb 2023 15:28:58 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9e6b8b478423b37fbec2c384189edeabcef834e6a2a5f5e572a152e2d2069af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9891
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:28:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3756 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 15:23:10 GMT
expires
Thu, 16 Feb 2023 15:23:10 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 519E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0728ed30b82bd5a4e2c25d3e62ccb5fa964d53629fedb05b0cc0dbc2f204b783
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vWFvVTBZgutxJVcy/06RrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Feb 2022 15:28:58 GMT
date
Wed, 16 Feb 2022 15:28:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vWFvVTBZgutxJVcy/06RrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
pagead2.googlesyndication.com/bg/ Frame 3756 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 14:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
175120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13545
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 14:50:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 519E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=1420803714952954&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
bulk
trc.taboola.com/rbs-gauchazh/log/3/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/rbs-gauchazh/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 16 Feb 2022 15:28:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1645025339.886535,VS0,VE9
x-served-by
cache-hhn4044-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
generate_204
tpc.googlesyndication.com/ Frame 3756 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7XaVdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
892
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1645025339.946067,VS0,VE0
date
Wed, 16 Feb 2022 15:28:58 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
82
x-cache-hits
257
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=1420803714952954&bg=!q6ilqOzNAAbAtJCDwLQ7ACkAdvg8WjsVhv4rCgTT1ExROWfjyzr5wxgw_gk28cF-scPVfrOzfAD0JAIAAABwUgAAAAJoAQeZArZyJybJomd2WpDht6viJcABrFtDG_0nVUBg2QgnQHzzi2M9j1Pa66xVFHnEIiCA9JJikb1bzVc-N162ICTgTBB7QspEXyxeNC0hqWCuufKhwX7LcrSsy0zuzRhJ_vArvNVr7vFhaIvrlfWWbXIPDdlSW3dPaPLxvBqL17sfe4fholrEnWJ67GnJ4ipPId-L0RllpOvzgI3uFl_H9CrJo2GlpOrQIf02xpx2ganQpnY6IZjKi9dp_TjRBjz8-B43GEVJjXA3K7TnyvdK-p_Q3RzDltRiKNpHWoOHxmc0zTO8ZEtbCqobyqUxnYRXitpE40OL4GuieeJ6JCpulxBewVkhc9HHdl0A_HpO5RHTV1zrZCdr_k1N_S3nzFWq-io12No6zWL61fIU9KjRD01sYE3d4OfC9IuNNorkIPDGqaF8qXej8QRSlhvqJzFopWD87fSmc6M-v1m8ytruW51Dgo8UUFe6kd7XQId9fsaI4X8_qHRE2A1ta-b8pIeg3twbaBN-GhoHs3L9uDnWVjNl5KsptYIOT4UpM8h3Ww6BaUx3eK34HQ0DxC7sQhf2ee7wFW9AkXWgBKkF8GSZ4E4NWyR-YBZbgDsHzkPNiOKnCFSWkyU9eIJOLpoFmsX01tveYRuKOT9w_5oRdBGp1WGRj32qeVDUE-6xZj9IqqaPfr9Mdz9uO3cjjPyjLDk9SK7GyxH55mh53TufgiYw76QAOfF2FwuArc8gIDsunV9qeSFnwoaQRX4ux8LCx7pp0LZ5XKHcbvIqoLk--N26A6iJDo5KrYYdV5Wc7SQR40RNkkpEcjahCzG28XL6314y15fE6wdknKj3LSVki8lRe00gptUiVVp8eQ40Bq-pwd6FWlJUzkY7f8Xy3oZ2CG6cqZuWZJW4JYN8jDcFF8o8z9ntt_lQq8kTULcl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1C1D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 15:28:58 GMT
expires
Thu, 16 Feb 2023 15:28:58 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 2EA3 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Feb 2023 14:51:16 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2EA3 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Feb 2023 14:51:16 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2EA3 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Feb 2023 14:51:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2EA3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Feb 2023 14:51:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 2EA3 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
88663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Tue, 15 Feb 2022 14:51:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Feb 2023 14:51:16 GMT
css
fonts.googleapis.com/ Frame 2EA3 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 14:52:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 15:28:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 15:28:59 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2EA3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 13:28:08 GMT
x-content-type-options
nosniff
server
cafe
age
7251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7735524722462771930
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Thu, 17 Feb 2022 13:28:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2EA3 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
80994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 16 Feb 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame 2EA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdOI7sS9EZmFqTQSuTbV5ysRNWUiavPYCg-KUWaog6Ls3p-OBBQlhTXc60I56GOHpJXw9CaULIcbi78MocbabXMNPEtg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2EA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwCKwOhgNYpC2LZfY3gOu_pbAA9iu8btoqoy6pcMOloLNhYgWEAEg6Nq_bmCV-vCBjAegAczK94sDyAEJqQLkmY8ssxizPuACAKgDAcgDCqoEmwJP0CFRSB9JUxWP-JUUT4BpSMdEfqc4A4U7M0Iku5_9RRuz2r4IOCCnenUON9YV7nx8TsfGTTS6O0pXDfzbSydFdNj1TrdG82ATO3pcbi0ETgotFXuDfTiqz6IKRja8W4FrP3mCedBnlZRPZ4ykwqI6SFLn3LgXPdScimnJh1W0jSWwpozsOITiUIOdXyeSijBSAOLlnSoH3IYb0Z6anT-SwrqkJvMU5NPU_kqt55-M4jcFPTI0shbNqrkLkO7V1sNerLt8Fm56kvhRPVOv4qLGGm61gy1eACzKg0ppUFg9y5STzfLqXPJi9df0QuFm7XdwwjWPQ5qIgRG46t47BjDZUlMa_MjMX1H_TwY6vyB5dqvAidxED5BQyz6RwATBlYDA3gPgBAGSBQQIBBgBkgUECAUYBKAGLoAHnLWIdKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKCtGNIICQiA4YAQEAEYHYAKA8gLAbgTiCfYEwyIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTMxMzE2MjkwMzE3NDY4NRi81W4&sigh=GpNjjoWMsSk&uach_m=[UACH]&template_id=5000
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
container.html
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6287 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 15:28:58 GMT
expires
Thu, 16 Feb 2023 15:28:58 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 6287 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDZorOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSUAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbfCgwP_7TMI3jDx33XAkBFHfDIQqSBhHjHMoyXSY7Bsn1Jy2wkbHeAEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUzMTMxNjI5MDMxNzQ2ODUYvNVu&sigh=un9QfYVdt6g&uach_m=[UACH]&cid=CAQSOwCNIrLMOOp8OqiyHiTABIeeZoClJZYMZpi1fcq61d3l0A6WQ6TnAxb5IQlVsxn5r99kB3il-20kBTdPGAE
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6287 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-aXC7r5RLAJ-gGdg2ICAgAAAFCTbbFXoFZNxqzxB_n1KcoQOhgNYvWARuSfaxkwlYBJABI&wp=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
server
Kestrel
server-processing-duration-in-ticks
217642
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame FCDD 		173 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3e7d44770fb977e1d2b81f0cd1d9b3612db35325d9b75cd42f0d80693bff4392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dzQRnvG3hIUA2hPkxtvSOBsoOnJkCBbHE_MFD457TtS3skloN6N9rFaFBgeW_K7UZU6Ba1O_mH2I5LIIrgdK9I2teNWs7QbRArDRitmqz4u_brh08fK70GqfvGcC-YfWVDJImAuJl1Wwc-FSkPTxuz5pSubPoygbrnhiSm2m-O2KuTW1Y_YeQnyygrrTGPz-aGu0nBKGZgLvdWlIpZpTcYl7NmoejdF3vVmZYg4SljVOGFahdgoIqi0XVMP_uc_2QTDBMQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
137152156
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 6287 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:08:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D298 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 16 Feb 2022 05:53:44 GMT
expires
Thu, 17 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
34515
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6287 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:28:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 6287 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
811
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:15:28 GMT
l
www.google.com/ads/measurement/ Frame 6287 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTM_RgDOIjE_GE5xzHQZhkNEfxn_IMteE1aJPkf6JGKyxYdNqe-QoUusggsSY4Z9yQbdXVpeWYdjcTrgha_TOUmwVpshA
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6287 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2676OhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoEkwJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfphv_1N9N6gR7k4Gjgo0PtlRo8uhNgxpfgRi7j6udxK8quu-d2JWl-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTMxMzE2MjkwMzE3NDY4NRi81W4&sigh=1M7obc64MMs&uach_m=[UACH]&cid=CAQSOwCNIrLMOOp8OqiyHiTABIeeZoClJZYMZpi1fcq61d3l0A6WQ6TnAxb5IQlVsxn5r99kB3il-20kBTdPGAE
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 1C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gddyy9kx9bz3wmkjbw182kfqnymw3n8pc46srm6y7ftkn3epzkz15pzsear7btm8fmh1gnet3e7ssxj2814pzandd75a7b8dhxnpc1yj8qehg9b4esj98hwtq36zq3hzdfcsj89n6rs3wn0meaj74ekdxxv0ddg2y7a6rwaek1fprst99eypt68kv470stejn5ry8rytpe58bwyw21ztea6cq58m9mcvq0j7846sh9352sace9gwxj7tp93j3d37kf0sbsay7wb7vhv6vyrnmnj97sdzsw7wtcyh01rs5r18gdw7ymt929jbh9xhk40g0pgk0d06z1rb1zzm7fx16zr2e8dw9ht5jvfyktjk126y9dcyctcyxk9fymwg512bkdchzcvkn3ckrw4g128zqfeybakm&b=Yg0YOgALWw8Kd6wXAAW_LrDvUCfpN137WzznAg
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:28:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5E38 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jm8n46684wnngg2frpb8ssmtg2xtxdycgnz7m8tk2xcpkygbkp6eat65dfhkf412mty6zhxk0hdf7tqhvnhrjx5yrwrjyjjz6y3csbbq2t8p9yeyecv9n793nmcavc40kqtt5p0qy5vvh6gkkdrrdr4ms7tpb6vy4yrvjagfszqwhp4e685b25d4hkfnedm6y3b4q3phkedxtk9hd57anb7bx5fw1dzvaba97tx9z8g2gr6dk5yyzskc9pxjr3trpx1n22a98v398t955wq1ayks12vmb3e55vf3b2f4k0vwt8b36254kzhspemfaq3xtb87hpypa5292znxw2m1qjsdtq8jff0wv1v93a17qay7qcxkwf2cp9befqge7k29w6rjsdkjqaa2yve4s9rzdd23pphfj96nr076spe1qdkhf7phr4am&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%26client%3Dca-pub-5313162903174685%26adurl%3D
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ade69853b74ca4802c1d7cfd40701db24b2ba19b19028938bcec7464cb2c9a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de7cf13d8ed59ad-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 1C1D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:08:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 54D0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 16 Feb 2022 05:53:44 GMT
expires
Thu, 17 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
34515
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C1D 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 15:28:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 1C1D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
811
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6405
x-xss-protection
0
server
cafe
etag
2993485572248006277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Mar 2022 15:15:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1C1D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 19:07:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9176264142683229014/ Frame 2EA3 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9176264142683229014/downsize_200k_v1?w=600&h=314
Requested by
Host: gauchazh.clicrbs.com.br
URL: https://gauchazh.clicrbs.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1db96bbf626e8688ffcc3e808eb273fc5c9631f0e9522674b3196a84bdc6b3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:31:52 GMT
x-content-type-options
nosniff
age
129427
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26761
x-xss-protection
0
last-modified
Wed, 14 Aug 2019 10:25:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 15 Feb 2023 03:31:52 GMT
truncated
/ Frame 2EA3 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2EA3 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2EA3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84c55b3afcd413462d0b64112ad9ba31d1ae5452356936a38dbc145edf6e9bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 2EA3 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:14:29 GMT
x-content-type-options
nosniff
age
76470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 18:14:29 GMT
truncated
/ Frame 6287 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb192312893f464a9be1c1a833951fe1894127803d6a38d29b434d03f333448b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1C1D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7622a2bbacb14e44383157a9f1de1e81a938a4416d50166bc29d44051e1af3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame D298
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDxi_Z7f5cYMW25vcIjJQqY&google_push=AYg5qPJONkvFr9VEP-lKBoPIeMyHMrjUivdO9XxbkZ7LFrg7yBv5QNMWUo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDxi_Z7f5cYMW25vcIjJQqY&google_push=AYg5qPJONkvFr9VEP-lKBoPIeMyHMrjUivdO9XxbkZ7LFrg7yBv5QNMWUoD7GGmgBnwrDPsufS1GumYwDQz6vwXwqBtWf7rcCg
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645025340.604950,VS0,VE92
x-served-by
cache-hhn4065-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDxi_Z7f5cYMW25vcIjJQqY&google_push=AYg5qPJONkvFr9VEP-lKBoPIeMyHMrjUivdO9XxbkZ7LFrg7yBv5QNMWUoD7GGmgBnwrDPsufS1GumYwDQz6vwXwqBtWf7rcCg
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D298 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOBotFS2za0sI8A6W62F_GM&google_cver=1&google_push=AYg5qPIOO8sE7B4fM0opWW_m4uA3_Z7hx6DcSVYpDfMVHE96S_T19orIHFt79MQhLcFXWbtfdIxPctbSn64iR4koCffcbwwj7w
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame D298
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFOqvUFM5TQZeC2rhoUtP0k&google_cver=1&google_push=AYg5qPImsN_AKy4iPvlx9xCX6hlZ0kl2UxFrYwuY2siQHV8SSQP0B3Eqtiqa56HC3Eo-ChHVFsf...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUE0yUTItMUUtRU1MUw==&google_push=AYg5qPImsN_AKy4iPvlx9xCX6hlZ0kl2UxFrYwuY2siQHV8SSQP0B3Eqtiqa56HC3Eo-ChHVFsfevsJIESWXe9x6FiZTRbNlrpw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUE0yUTItMUUtRU1MUw==&google_push=AYg5qPImsN_AKy4iPvlx9xCX6hlZ0kl2UxFrYwuY2siQHV8SSQP0B3Eqtiqa56HC3Eo-ChHVFsfevsJIESWXe9x6FiZTRbNlrpw
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pQUE0yUTItMUUtRU1MUw==&google_push=AYg5qPImsN_AKy4iPvlx9xCX6hlZ0kl2UxFrYwuY2siQHV8SSQP0B3Eqtiqa56HC3Eo-ChHVFsfevsJIESWXe9x6FiZTRbNlrpw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame D298
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEFxfXEXbhT5HVrUwk0xToyo&google_cver=1&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFxfXEXbhT5HVrUwk0xToyo&google_cver=1&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7r...
0
0
pixel
cm.g.doubleclick.net/ Frame D298
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMXt0xc7Con7pZZTAJ-9r64&google_cver=1&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg&google...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1NTAzNDAwNTI0MzA1MzMzNTA5Nw%3D%3D&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1NTAzNDAwNTI0MzA1MzMzNTA5Nw%3D%3D&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1NTAzNDAwNTI0MzA1MzMzNTA5Nw%3D%3D&google_push=AYg5qPIRHNpDfWHnwVTs6LcuxS3SXDlhuvOCbTsuS2gU4XhWETuipb7ke0zv_ZQPZHju5KksP-NhkbN-Z4avjEjb-hiDSOPUzg
date
Wed, 16 Feb 2022 15:28:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame D298 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAVO9P-_lIiZQx2hyTflQ7Y&google_cver=1&google_push=AYg5qPK3l6IuXNS7ep1u0TEEHyyyxXL47PRMJ4Mg-r-SuSIEhgK81bjzyCLTT7M7p4KMUtIV6BUKIyGps_kz-MjKqzK72y3Ijg
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-length
0
/
onetag-sys.com/sync/i,19/ Frame D298
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMYDO18E2oHHN6wEvpRpWRk&google_cver=1&google_push=AYg5qPJCChr44rULa_wmAAfHRhJgMHozmHpJRhkiBiKhY4JSeiGdXmmNfRw0EAltA8UkP7uzf279w9Mz_zN...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJCChr44rULa_wmAAfHRhJgMHozmHpJRhkiBiKhY4JSeiGdXmmNfRw0EAltA8UkP7uzf279w9Mz_zNKx3CTa5pGsBuzfNEt
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D298 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUxzHQWV7K9JB8oTA9qVPNYC37jABiypROcgVmdqwcOKbDwcO7VlUjR5AfwcamESGsy6eR5w
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 54D0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMzG6hHk_hzblRkxZ3FwatE&google_cver=1&google_push=AYg5qPKkv82EZUdCEiBXvQ0bkJLItweTixM7qu7x7-OEZPakKO9QVPICeJr9OgQ41JpUt2ni6B5On-cnE5HnQ2AzTt-rOOp4eQg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzMTcyODYyODU4MjA1NDAwNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMzG6hHk_hzblRkxZ3FwatE&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMzG6hHk_hzblRkxZ3FwatE&google_cver=1
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMzG6hHk_hzblRkxZ3FwatE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 54D0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB_AWGoFyxIguV66AtcUpmU&google_cver=1&google_push=AYg5qPKVkgKRngQrJKU70fdnUOMvff-2M1SfEsBjYVRYqkxINKlJO_nhQNxKiTNNVAiDkGADFyfiwXMscBwTh1Qg...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKVkgKRngQrJKU70fdnUOMvff-2M1SfEsBjYVRYqkxINKlJO_nhQNxKiTNNVAiDkGADFyfiwXMscBwTh1QggkFmgFbr6zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKVkgKRngQrJKU70fdnUOMvff-2M1SfEsBjYVRYqkxINKlJO_nhQNxKiTNNVAiDkGADFyfiwXMscBwTh1QggkFmgFbr6zg
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 16 Feb 2022 15:28:59 GMT
Server
MT3 4133 baa842e master cdg-pixel-x6 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKVkgKRngQrJKU70fdnUOMvff-2M1SfEsBjYVRYqkxINKlJO_nhQNxKiTNNVAiDkGADFyfiwXMscBwTh1QggkFmgFbr6zg
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Feb 2022 15:28:58 GMT
pixel
cm.g.doubleclick.net/ Frame 54D0
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEEiH3i2j-E43r3MNQqSb9bA&google_cver=1&google_push=AYg5qPJBBdJ1p4KiRsuVx-T5ZPqaMWQ2868W6eV0JgnaLiPBCtFbNi9oX6HhzqFyxFHwRrivTTa...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEEiH3i2j-E43r3MNQqSb9bA&google_cver=1&google_push=AYg5qPJBBdJ1p4KiRsuVx-T5ZPqaMWQ2868W6eV0JgnaLiPBCtFbNi9oX6HhzqFyxFHwRrivTTa...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=I8Ep64TZSlS9Q-_w--2vIg&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=I8Ep64TZSlS9Q-_w--2vIg&gdpr=1&gdpr_consent=
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:29:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=I8Ep64TZSlS9Q-_w--2vIg&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 54D0
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEKyl7ql5yCzuA3RLdD14CIA&google_cver=1&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKyl7ql5yCzuA3RLdD14CIA&google_cver=1&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIe...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4Lhsk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4Lhsk
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJCGNIwkuvzErZhELbMUrX5TMo5JX4sr1ogMf8DK_7kAkYBuQrz-3XP3kTDRhmfjvC-WFOEQcUPPlZ28VjNjWCIeU4Lhsk
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 54D0
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEC357tbLe3Yib0eqwuYyqdU&google_cver=1&google_push=AYg5qPL2pHiUOHJLhfqyGzbqbZBaowcQLLDoZ83ll6YRewyYTjzbSJ_gQkLrnWws92XWS1dw6TNXsxRW0_zJ-tyX...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL2pHiUOHJLhfqyGzbqbZBaowcQLLDoZ83ll6YRewyYTjzbSJ_gQkLrnWws92XWS1dw6TNXsxRW0_zJ-tyXDU2p3lyeuzA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL2pHiUOHJLhfqyGzbqbZBaowcQLLDoZ83ll6YRewyYTjzbSJ_gQkLrnWws92XWS1dw6TNXsxRW0_zJ-tyXDU2p3lyeuzA
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Feb 2022 15:28:59 GMT
via
1.1 80f506314db20ab597e236137f18accc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC51-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL2pHiUOHJLhfqyGzbqbZBaowcQLLDoZ83ll6YRewyYTjzbSJ_gQkLrnWws92XWS1dw6TNXsxRW0_zJ-tyXDU2p3lyeuzA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_VLsP1gJ-rsgNnikXQYJ9BowzZURdGVLDX3ZGmSJjT9LAX0JY94bnQ==
sync
ssbsync.smartadserver.com/api/ Frame 54D0 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAVO9P-_lIiZQx2hyTflQ7Y&google_cver=1&google_push=AYg5qPIg7LO5vMrnMMGvL3OA8v_Ie2EClIkyMFe92Yr4aGPC4oRKXy-xOeCKOlV8R74f7U3fsC-xoLKA4uVT82VSjs1ywiiN-Y4
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-length
0
dot.gif
s0.2mdn.net/ Frame 54D0 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEDArXwCi4gmI576P9i2VGh8&google_cver=1&google_push=AYg5qPKi6uYVmWQs3IR2zdZ2JmqUixCgb04-C6S9eCW8I9TGmtXj3lZHbuGgpv7mxd70R6h3P6ZgP4_Uolxr9wxB5Gd2r87UJJQa
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Feb 2022 15:28:59 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 54D0 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRTTFMHFNKiPk7dt4kysrw_azavDewWgvtPcUvCkFmkNvCRQk9GmV38wkQREDnmKy0jdDCfA
Requested by
Host: 608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
URL: https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 5E38 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jm8n46684wnngg2frpb8ssmtg2xtxdycgnz7m8tk2xcpkygbkp6eat65dfhkf412mty6zhxk0hdf7tqhvnhrjx5yrwrjyjjz6y3csbbq2t8p9yeyecv9n793nmcavc40kqtt5p0qy5vvh6gkkdrrdr4ms7tpb6vy4yrvjagfszqwhp4e685b25d4hkfnedm6y3b4q3phkedxtk9hd57anb7bx5fw1dzvaba97tx9z8g2gr6dk5yyzskc9pxjr3trpx1n22a98v398t955wq1ayks12vmb3e55vf3b2f4k0vwt8b36254kzhspemfaq3xtb87hpypa5292znxw2m1qjsdtq8jff0wv1v93a17qay7qcxkwf2cp9befqge7k29w6rjsdkjqaa2yve4s9rzdd23pphfj96nr076spe1qdkhf7phr4am&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jm8n46684wnngg2frpb8ssmtg2xtxdycgnz7m8tk2xcpkygbkp6eat65dfhkf412mty6zhxk0hdf7tqhvnhrjx5yrwrjyjjz6y3csbbq2t8p9yeyecv9n793nmcavc40kqtt5p0qy5vvh6gkkdrrdr4ms7tpb6vy4yrvjagfszqwhp4e685b25d4hkfnedm6y3b4q3phkedxtk9hd57anb7bx5fw1dzvaba97tx9z8g2gr6dk5yyzskc9pxjr3trpx1n22a98v398t955wq1ayks12vmb3e55vf3b2f4k0vwt8b36254kzhspemfaq3xtb87hpypa5292znxw2m1qjsdtq8jff0wv1v93a17qay7qcxkwf2cp9befqge7k29w6rjsdkjqaa2yve4s9rzdd23pphfj96nr076spe1qdkhf7phr4am&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%26client%3Dca-pub-5313162903174685%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
601431
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:08 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6de7cf14f8356b54-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 5E38 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jm8n46684wnngg2frpb8ssmtg2xtxdycgnz7m8tk2xcpkygbkp6eat65dfhkf412mty6zhxk0hdf7tqhvnhrjx5yrwrjyjjz6y3csbbq2t8p9yeyecv9n793nmcavc40kqtt5p0qy5vvh6gkkdrrdr4ms7tpb6vy4yrvjagfszqwhp4e685b25d4hkfnedm6y3b4q3phkedxtk9hd57anb7bx5fw1dzvaba97tx9z8g2gr6dk5yyzskc9pxjr3trpx1n22a98v398t955wq1ayks12vmb3e55vf3b2f4k0vwt8b36254kzhspemfaq3xtb87hpypa5292znxw2m1qjsdtq8jff0wv1v93a17qay7qcxkwf2cp9befqge7k29w6rjsdkjqaa2yve4s9rzdd23pphfj96nr076spe1qdkhf7phr4am&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16057
x-guploader-uploadid
ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 11:00:45 GMT
server
cloudflare
etag
W/"25dab5d0aa24f68116270a61c758162f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svL%2Fd2eHg92mradej4n1NI89MymkKO8XG%2FFRaYe5VDONRiZCcp12S2m64bg8Crce86vISPv1amDTSiZlbsk0fd5MxH1pR3e8ghG3drV%2FUO32bHX3okFksPTGv7nHQ0QPYV%2Bn%2F7s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643194845770575
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11870
cf-ray
6de7cf14aafa59ad-MXP
expires
Wed, 16 Feb 2022 11:01:22 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame FCDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Feb 2023 15:28:59 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame FCDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Feb 2023 15:28:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FCDD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Feb 2023 15:28:59 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame FCDD 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 11 Feb 2023 15:28:59 GMT
pvs.gif
ssl.hurra.com/ Frame FCDD
Redirect Chain
  • https://ssl.hurra.com/pvs.gif?cid=4557&tid=24538
  • https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538
43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Server
62.144.160.15 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
nginx
strict-transport-security
max-age=31536000
p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
cache-control
private, no-cache, no-store, must-revalidate
content-type
image/gif
expires
Fri, 10 Apr 1973 05:00:00 GMT

Redirect headers

location
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538
date
Wed, 16 Feb 2022 15:28:59 GMT
server
nginx
content-type
image/gif
content-length
0
strict-transport-security
max-age=31536000
p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame FCDD 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ruf1UGIFSZnXdGF6-usmhyQF3cf9vsXo6TKYiDJMEgQSBTBMap1eAk_pZ1J0S_YjHTeJkK1gAedFZF8N4i76FVTik6_eyZWbq8EnHh7idUPDDuWuupPOhZ__mxMutvdFxKRA9wiW4xO9tsakNjWiW9C7edwBU2lbJXSW4ffBSSp_y0S0zJsXIiqmJgVNYALDlzG0TQVNLy1DXxagdJHjQ104FYYkda3bp8qg9cdAWuGCrFryQwSU6eD0Q7rHdMuYEjPdyhihkSTqTHKn93kRbzJE5pvhspBvKzGVSyGZsfaaSmJwgrMIMKik95i6wDuPxkQjHU_gSp3jYxrGC9EfMajeHipBzDDsHs0iBCY8IUUO2CD-3bB7M5dcIuq0mXDNbiV6oA8FgRPGqMU8rCc9JqbprMY8GWjllsukk4EYLbhu4zEN9CJ-NDa3gFAo8d2Cy7TPaQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:28:59 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1952832
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FCDD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1108425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLFD9PdR3du5HK2sAgHnl1A8f7p993Rn1u3TGvP7ozSvENVxysAoMju6KcKDkkUzb0ksC4KcqbHl4HcSDQPlqPkUQRtvCcDULcrX2si5RwWROfKoZQaUrbKwGkDPrT08GtfO%2Ba0TlQlKBSI%2ByP7KcF%2Fd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6de7cf155fb5d61c-MXP
expires
Mon, 06 Feb 2023 15:28:59 GMT
animejs.js
static.criteo.net/animejs/ Frame FCDD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Feb 2023 15:28:59 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=55963&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F55963%2F210714%2F216e5dfbbd934c2e9d414417ae749913_coeur_de_lion.png&v=3&w=528&s=SBRr1evl0e_OtlwX8GX7QD1q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2d2f1fa5f826c9709600c5c5df00962a23b9086873eff45e0e4b72996259c457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31087529
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2155
expires
Sat, 11 Feb 2023 10:54:29 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F2838200705-1_2535dae1-753d-4568-9a71-ffdc02bc4457.png%3Fv%3D1596736754&v=3&w=400&s=ZwkUXWn44la8POiBHxMDbDBu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d43b6d29a1d87c47bf0d418c583668b78d1cb02dbc7b65755facef73172a07b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29200496
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15564
expires
Fri, 20 Jan 2023 14:43:56 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F0118211500-1_81164b4a-6523-46e7-9beb-8e61c663cbff.png%3Fv%3D1596737986&v=3&w=400&s=nOuEEgrVkdGOJXG7WLEyYeLi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e073495a103486e55f7ca93301d39c66f2b05b5ea2fc276532ec8ec3344b3605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29637311
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14024
expires
Wed, 25 Jan 2023 16:04:10 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F5033300624-1_31ec3e77-7e1c-4b5e-8194-6dc5de177611.png%3Fv%3D1596737638&v=3&w=400&s=Jf6RzI-mI2kxhmrWgO7wS9fl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
50eea100b4b9102cc8cc860f34a92dac7bc6891874290dfc9260a9b56d2eb2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29377717
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
35170
expires
Sun, 22 Jan 2023 15:57:37 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F2838201573-1_35e1580a-3047-4199-93da-9939a937d70a.png%3Fv%3D1596739417&v=3&w=400&s=BSfdyfKIIhd1mR5aP9gE-0Ag&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cfcac3b26f7be340c0e77a1cc0fc5661a6ae6164404932e139285acd46b8d48a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29806107
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16480
expires
Fri, 27 Jan 2023 14:57:27 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4951101523-1_23748390-276c-4258-ae7d-8b58817f14d7.png%3Fv%3D1596742405&v=3&w=400&s=GURnYDdmZiEKRQz2hPBGIfLE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
085057fad9d6ad8bbc26230916993a8bc1067d031d29a44d37c3f41c471b6f5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29477148
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19604
expires
Mon, 23 Jan 2023 19:34:47 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F0094201300-1.png%3Fv%3D1596736591&v=3&w=400&s=pRvhru2dtQ2r_1OD8qL2C66a&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c38b87dd1fc0b12aff4bc05bfffc4152852f1b9c50975e45873621bcea532379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29732230
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16678
expires
Thu, 26 Jan 2023 18:26:10 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F5033100624-1_be56390f-85d2-4405-a144-4127f0d1af40.png%3Fv%3D1596742111&v=3&w=400&s=b9W5htPqMG9R7Lb5_rhXlh9Q&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e2ffac3f9952697555527d7ef792e7e1143db14669461f86769c6ca4bdd1761f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29211661
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18532
expires
Fri, 20 Jan 2023 17:50:01 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F022640150052-1_978dc089-815c-4c58-bc8b-6f4a909113e5.png%3Fv%3D1600164048&v=3&w=400&s=__sQY-wByG5GvoSlMIe-qLPg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b84937bc6a4c4c78b3fb6ec547bea2ca8cd883aba7a102856e864dec18011aac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30604211
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19636
expires
Sun, 05 Feb 2023 20:39:11 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4957201800-1_618a7ea1-ac92-449b-bf18-3ed7abc605ea.png%3Fv%3D1596740207&v=3&w=400&s=j_AKOFjeOTehke4cGQ9BqKal&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c71c89ba418f2b26ad3ee08128e2c78c58916bc80aaede90bb07a5d2f3bd607c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29463174
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
29804
expires
Mon, 23 Jan 2023 15:41:54 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4018201300-1_13b97dd7-56d3-4c1b-b838-6f6160c59457.png%3Fv%3D1596737313&v=3&w=400&s=-nTLxSISGklrFl20AjD1_ggN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2470422a6598df8b9005f537d58c53dec2213e1db9fa572b86a95e37bb71517c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29548649
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14306
expires
Tue, 24 Jan 2023 15:26:28 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F022640122352-1_996f42f5-5edb-422d-b9c6-d7605296e5fe.png%3Fv%3D1600163832&v=3&w=400&s=xOdNi_WdQDXqzxpgwpiqWZcm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
85b5b930e731780c31cb7cd22c076a1998f9872e2d3c5e194d8f556c78c426c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29140855
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20628
expires
Thu, 19 Jan 2023 22:09:54 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4951211920-1_1785b026-5875-4218-8b11-958d1266a66a.png%3Fv%3D1596742421&v=3&w=400&s=ml1UP7IgXVikbsCI8G3xgKvq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4175dbbf29e13ce8c6d082b2b8e2e8a1faea5d27455d2ebbe8db53d9722e2a50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29373916
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20354
expires
Sun, 22 Jan 2023 14:54:16 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F5040301200-1_ed41bd7f-c731-4f70-ba93-006d04f1bd0a.png%3Fv%3D1596735872&v=3&w=400&s=VnW3kmimLnIyR8wHNpCBof6d&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
dc9f1a0d5a2d5ef01408836a18633cab125ddd508aa6a89ba3b5d18ff8be27ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29384519
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
33966
expires
Sun, 22 Jan 2023 17:50:59 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4905200710-1_5305b3f2-715b-423f-bd41-cd2b06910361.png%3Fv%3D1596736172&v=3&w=400&s=L1El9FK7COgxgy3oVnlwKDMj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
008ffe8f29d31239246df914f1d6a832a98c72dea26aba87d3e7eff2d2877ec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29298298
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14670
expires
Sat, 21 Jan 2023 17:53:58 GMT
img
pix.eu.criteo.net/img/ Frame FCDD 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4409301500-1_deee70e6-631a-4615-b5d3-67ab78a23855.png%3Fv%3D1596743050&v=3&w=400&s=E8G17_I-UtfhdfzktOa2mIn5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8a481c436bdaf8074d2dbd7216dca21a7de2a4adbf64b9ad3612e187586799c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30609764
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
30056
expires
Sun, 05 Feb 2023 22:11:44 GMT
all
csm.eu.criteo.net/ Frame FCDD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dzQRnvG3hIUA2hPkxtvSOBsoOnJkCBbHE_MFD457TtS3skloN6N9rFaFBgeW_K7UZU6Ba1O_mH2I5LIIrgdK9I2teNWs7QbRArDRitmqz4u_brh08fK70GqfvGcC-YfWVDJImAuJl1Wwc-FSkPTxuz5pSubPoygbrnhiSm2m-O2KuTW1Y_YeQnyygrrTGPz-aGu0nBKGZgLvdWlIpZpTcYl7NmoejdF3vVmZYg4SljVOGFahdgoIqi0XVMP_uc_2QTDBMQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:28:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FCDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Feb 2023 15:28:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FCDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Feb 2023 15:28:59 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5E38 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Wed, 16 Feb 2022 15:28:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6527653
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLQ0WKQgZ8C%2BxmoMzQ%2BNImoCZgnzoF40aTfVpKJ8SRL2EZkVOvJ2ijLqWU%2Fr6wTupCRypcWQ2gh5WD0sgYE%2FNVKba2BBfH4hATQ6qFBrY4xMgf1xYvNB2MB0GNuvegMrb5wk5gvtmueOvR4ZJRs%2BGMq6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6de7cf164e47375f-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame DB48 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Wed, 16 Feb 2022 16:28:59 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1096151
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GLjwrCh1Zaok9xMFHTTtRbmCKQGn8Pt%2Bem6An6504Rhli12lSi6bhHfI0gg7hcrpJv5cPu4IbblJqAEj054DZ5JHkOJtRRPcdgvmzOfe2onhPyr5XdT1Zk%2BWuyt%2BVTA27XnqXU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6de7cf15794f6b54-AMS
content-encoding
br
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2278
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by
cache-hhn4044-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1645025340.744379,VS0,VE0
date
Wed, 16 Feb 2022 15:28:59 GMT
vary
Accept-Encoding
x-amz-request-id
6CY1FG8Q11T7G8KE
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
82
x-cache-hits
2912
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220209-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding
gzip
etag
"f7917ed1eb799a729725a7db50d1f828"
age
22376
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5258
x-amz-id-2
Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by
cache-hhn4044-HHN
last-modified
Tue, 28 Dec 2021 08:10:40 GMT
server
AmazonS3
x-timer
S1645025340.744506,VS0,VE0
date
Wed, 16 Feb 2022 15:28:59 GMT
vary
Accept-Encoding
x-amz-request-id
4QYNQ0077R21PYSA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
82
x-cache-hits
59577
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
54445201b212341352d23a710bec57bf11c9d7cc72a838e4816f14059d263e3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mxp6929-MXP
access-control-allow-methods
GET
access-control-allow-origin
https://gauchazh.clicrbs.com.br
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
css
fonts.googleapis.com/ Frame FCDD 		1 KB
450 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
487f4e277ea60147de9d3f5825d789c48517cb2c37715ad0fa2cec96808e6bd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:12:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 15:28:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 15:28:59 GMT
rs
ad4m.at/ Frame 5E38 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09598eb445d9aa7e87c3a2d7cfd3767cf1bb7c3b1653448bb1508c7b895df4d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6de7cf16ea539745-AMS
date
Wed, 16 Feb 2022 15:29:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it4RayMNeInCzKkewx0srhol5oVzeN6qKotdxOuxkofN4U3X1VnxfoEMbt%2Fxp4tYdMRUuYurrvzZ9ePdiKuaJL0s1PTFTRnN%2FBsrGgGrzyikLq74SWAsFvbPI1yuVFbPK%2Fjrpyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-143p
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 15:28:59 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-143p
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdun39XxcuBwDsFlhNduJJ2wDnz%2FOWrNNYXLoV%2FsS5%2FhLTOuWefDtvK8av8eCuSENrjxS4sJ4zy%2Bpun4gI%2FvDdOYy%2FluQH%2BfwmVWBElumua%2FfeJj7RpqEA7NnyRw%2FEHG0R%2Bq3qg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6de7cf1669869745-AMS
Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v23/ Frame FCDD 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v23/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45deb68232bb5d9ce23bb076bcc71c1f248f8177b00a86aaf13040427050038f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 15:32:17 GMT
x-content-type-options
nosniff
age
86202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10808
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 15:32:17 GMT
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=200c64e1-0124-4196-bf2a-e9c4b875781b-tuct9069db9&uad=b4715638346d1f3b2d31be5dd949c1be1e091fe75ef010eaa7db5c4085935ec3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Feb 2022 15:29:00 GMT
Cache-Control
no-store
Server
nginx
Connection
close
rar
as.ad4m.at/ad/ Frame EDAA 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50da25e5ac83b7da3a53523b1ff9a63dfaaf48aa4f3865155ba480ae2a6fad7f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jm8n46684wnngg2frpb8ssmtg2xtxdycgnz7m8tk2xcpkygbkp6eat65dfhkf412mty6zhxk0hdf7tqhvnhrjx5yrwrjyjjz6y3csbbq2t8p9yeyecv9n793nmcavc40kqtt5p0qy5vvh6gkkdrrdr4ms7tpb6vy4yrvjagfszqwhp4e685b25d4hkfnedm6y3b4q3phkedxtk9hd57anb7bx5fw1dzvaba97tx9z8g2gr6dk5yyzskc9pxjr3trpx1n22a98v398t955wq1ayks12vmb3e55vf3b2f4k0vwt8b36254kzhspemfaq3xtb87hpypa5292znxw2m1qjsdtq8jff0wv1v93a17qay7qcxkwf2cp9befqge7k29w6rjsdkjqaa2yve4s9rzdd23pphfj96nr076spe1qdkhf7phr4am&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%26client%3Dca-pub-5313162903174685%26adurl%3D

Response headers

date
Wed, 16 Feb 2022 15:29:00 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de7cf175d6d6b54-AMS
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame EDAA 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:29:00 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
601432
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 09 Feb 2022 16:25:08 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6de7cf17ee9c6b54-AMS
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame EDAA 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Wed, 16 Feb 2022 15:29:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
579227
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdvDoj-aCaFzc5CJM1Sn-ErZxcdL1MU2xzaxGrwrpMobz1X9ZOyvBM1SUNA76Uf_PGqt2CiWOL2ZbcZwdeEsfMRGY-PPzg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BnpEqAjVCp%2B%2Bfo%2BUBTjYHT4rNGMjexVBlsCxyuv6EE38e4KXuQl98HLRcuimcJxCaS0xg0aaXjg7FiZBGkxHkQPw2MOatpKDPeXrRFK2F8W9MtKMtp2Jr4qrACG3peC3cSunrVE4XBSTZaY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Thu, 17 Feb 2022 15:29:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6de7cf17fb9859ad-MXP
cf-bgj
imgq:85,h2pri
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame EDAA 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=XI38Pg==, md5=RR+psCrnlTuTEa76xpe+fg==
date
Wed, 16 Feb 2022 15:29:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1778811
cf-polished
qual=85, origFmt=jpeg, origSize=156576
x-guploader-uploadid
ADPycdtc3XhPnewolwXek-g2Oc5VPgGFY7Xn781mG-DpS_p1P65ZojCxzOCxms0P-6R5ZmsL3RpTtO_Rlr2s225YNLWvti1LCA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34068
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNdCQWvZOtW7ZBG%2BjNbM3yC5gXqmKdRGdpX4bvl3a3%2FPxOgSMr9pTuBNc6WCBNemxMRb6gGWlT6nFsVtTEn%2F3CAHJ2bvvXfPof0uFeWXojBZ0wOS2WEaco9feVKOseCaPfwVUTKHKBSRLItf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634647715304870
content-type
image/webp
expires
Thu, 17 Feb 2022 15:29:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
156576
accept-ranges
bytes
cf-ray
6de7cf17fbac59ad-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame EDAA
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6Sl...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:29:00 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683
date
Wed, 16 Feb 2022 15:29:00 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame EDAA 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Wed, 16 Feb 2022 15:29:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2323849
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdtd_qzJJ2j8fLhc4MnJy8Pr9WXO00HsOwNKEMijhkjdKL7lwbsOmTLi6JDxSHzxUMKw-IAs7yuzXaCBOIMf-G4xdCME-A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNWFXS892PjUBS7arOTlrkisPjH6Gg3WT5xWHsKsuaDjaGA4KUQnaXyTFlwc8R03rhbvIfd3LenHRd%2Ft%2B0F3bafvhzy4buDWWhevqgXOMaahq35txZ5H7WFqCGD7r0jlMccOqiVE2pyLA4AS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Thu, 17 Feb 2022 15:29:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6de7cf17fba859ad-MXP
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame EDAA 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Wed, 16 Feb 2022 15:29:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39338
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdtZqFZkkDZey7ylpVe1RouMjr4VYVF7hJg0PXN2zE2ro-vsPcdhRCjx9z2J09pz_hOigjjwCTjaz51eHemDkSeyb4kQZQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLQtEq%2BabrBG%2FXJvuz1nKI8HriWd2VllK28BnfFd3ZjhckMZFBHQuN645IU%2FrF3oWQZdPohxQqr4myFyWGb%2FBPFjYshPCFYr03srSgJv0CbstY1ZXELXMBGi2eRksDRE7i7bnfTzQuYSJdlY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Thu, 17 Feb 2022 15:29:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6de7cf17fb9e59ad-MXP
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame EDAA
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022021616290064007992323X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmG...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022021616290064007992323X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 15:29:00 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022021616290064007992323X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth
date
Wed, 16 Feb 2022 15:29:00 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame EDAA 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Wed, 16 Feb 2022 15:29:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
385724
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycduEqbMB9enI1fvypJBMo7A7Q8qJr91FM70_e_r9bYiZG6aqPiSabyAVBqZrM4_9MKRJplP-rIQBmXjzuC3fNmI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaFcddT%2BbgaCz3g0XSyYfYRzjgXWoVxWOe2Uzx6eKrIIv7U6dftpvBuBUAxSQq6EfhP7oeTF9AmoCvqD%2FhqokMTRDkvdakGRrp1FRCjgQKswFQ3zLtwt6H%2BFhKjmG0wMCIbKUWc1maHyxXTF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Thu, 17 Feb 2022 15:29:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6de7cf17fba559ad-MXP
cf-bgj
imgq:85,h2pri
1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
assets.ad4m.at/product_image/ Frame EDAA 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1BBE26EDBCDBCA83F6FC5982E78609DD993CBC5A877E96B16262445B5D5F827FF241EDC353E519B59B7B45AAB552B2BD1049C4DF410A0448B841F76C0CCED257
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=4e5XkA==, md5=IApgItXE/tw7TfHLo2DKwQ==
date
Wed, 16 Feb 2022 15:29:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212878
cf-polished
origFmt=png, origSize=68898
x-guploader-uploadid
ADPycdtTfxaBl3ML6ilOnr8I-Zu27F7v0JuXEoS7tTxhreX8Y5VOZWxe6KpoafVKPpND6RJujnQGWB2Tb83ybegVaQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42816
last-modified
Wed, 09 Feb 2022 14:47:59 GMT
server
cloudflare
etag
"200a6022d5c4fedc3b4df1cba360cac1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7n93dOxKi%2Fd0iJAKeEtGuMqRwc4e73rwluYntWdf9L30rwVIReXedXMGpPsDV7wf2EFho81ZguO3XNAkpYQxlaNR3V1mIk9MY5JiGNAGPGKp72vK6GPTAm7gLYTiL7mrS7FYeYg%2BvxHzU5Is"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644418079055001
content-type
image/webp
expires
Thu, 17 Feb 2022 15:29:00 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
68898
accept-ranges
bytes
cf-ray
6de7cf17fba159ad-MXP
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame EDAA 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j1f2r74vg6bqw9dpyetn7sw4yt68ggg85aj0p0xmrrd71v80v9wqm0k06dq8jp5chbczqevjbm3n2e5rtyqfqdkj414dgct9z78x800yycjvknw8pvzgvrxssrrqbfaq5rw6bajk7ptzmr6hyvzzsr5xyb3156yp0a7a84ad82w1tdrqdydzpbnpymksq82pw4v1vhzbk1txw5c0cc3rccnp461jv1md0cz9htqc1ef5yj4p34zv7gkggj93d8g4pt3j3mvv8v2wjhpkkxm4f0jphc976d0vyqm8h8v5s7dh76cjw0s9eyz%26a%3D&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=13957%2C19491%2C43784&b=5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=pVEU1f8gfwGWhkH4HmtJCQQBFgTRT12UE%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=TkIG6SlmGZAkHEW_v82by-qA2871N6gI&g=5bf78fca6e6b6b1340777801661a981a%2F14999227891386032773&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1645025340004&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbq42wnxcxp790j5525hyb24m09smvfnv959eyb6p1jkcqhr6d5cjg5v4zm5my6kfwmjy2vhmph681qh6t1w54ejqz0c0h5k7y4w279k2cgdzfcfm25f4008rn00y2wevwhy4wrsskhw7qsp6qxb07sxex0j7y5zmc8zb6zcjsc4k7pwcj17ncvvfs7q4wpkneemvzce8dsftpd1kyfn79g4g3x5b84x3sc1s8fzx23qnp0hry4tkwtaetdqwdmz5f4q329awyymk7fdg20%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7NjzOhgNYo-2LZfY3gOu_pbAA5DhgYRctqjCivACwI23ARABIABglfrwgYwHggEXY2EtcHViLTUzMTMxNjI5MDMxNzQ2ODWgAcKu6N0DyAEJqQLkmY8ssxizPuACAKgDAaoElgJP0Jtlv1ZTH0rWN62a0Vgs8WjxWqxX6kyCtF2BCnwx3hZ2-bTEgUjNywnlFgyuusanXeNAKsLGU2DGfeUUgtCsPX7L-LQVbGjiNdE9vdBhy0cUZQTb_Y_aZLgCxh7wuA5fsgxCo2OD2WfqyYmv_U-9TWCOmkZ_iECtYtNygB1lB5aH5_0wuvNzIuUivtvCZ-nBsBXq5lsWH8jN3PqQ2xVLRc3MwAl3sGGBadiIXUmk_rkb2Z2IL3oiuO2QTf6KZynajbZse-XvsmHC31Fc8TIoHlT5mAc2TzvW-bU21aRCntO3B2le7CV166tGfpgt_XLv4FGWroaBxpzud0ujmt-rmwZHZtniLHc8j4aihvNrq_0WXxE9u-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0rcYdox7GOkx2LGzUfi9XAhJ7v7Q%252526client%25253Dca-pub-5313162903174685%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
e0145214138591c2d51eb51ceaa2d883d60d08edd888bd4f0c480171adad1160

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 15:29:00 GMT
Last-Modified
Wed, 16 Feb 2022 15:29:00 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1471
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6287 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth8RVZj6bjrt_EGoJkK9om3cs4LQznQHdWKqV4a4eWmBUNq3iotcPDAzAx1WfCnWSu_Ujyn2Z2dy34nNucEeFU&sig=Cg0ArKJSzKxiGrtUGNhTEAE&cid=CAASF-Ro2nbkWhN31F9yoxDCpOUjw02Pd9qd&id=lidar2&mcvt=1000&p=259,200,509,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2964830580&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645025339350&rpt=152&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:29:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C1D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskRE_7D3vQxH7rCFk18Mmhwt_lzkJBrXyemfxM51AK2LRhQsngOn6xqseQCZ5zslEnoGpeebKhGL9GgnEkfxTzaA&sig=Cg0ArKJSzOb_xu_nZzuVEAE&cid=CAASF-RojcYAbXjipYNf1KSdvxAXYDI4HIWA&id=lidar2&mcvt=1001&p=559,1063,809,1363&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220214&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1224838769&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645025339336&rpt=190&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 15:29:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame FCDD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dzQRnvG3hIUA2hPkxtvSOBsoOnJkCBbHE_MFD457TtS3skloN6N9rFaFBgeW_K7UZU6Ba1O_mH2I5LIIrgdK9I2teNWs7QbRArDRitmqz4u_brh08fK70GqfvGcC-YfWVDJImAuJl1Wwc-FSkPTxuz5pSubPoygbrnhiSm2m-O2KuTW1Y_YeQnyygrrTGPz-aGu0nBKGZgLvdWlIpZpTcYl7NmoejdF3vVmZYg4SljVOGFahdgoIqi0XVMP_uc_2QTDBMQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg0YOgALWw4Kd6wXAAW_LvndJwiLLcVk3OZ_8w&u=%7CvpvjoQWuoX7NRjQ2YJpqahaMPBnhk9q3qjTmoXjterQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvzXymk32K8KuuU-EydmuZaveaMshFMKQ8rM04me2CNn3vyeyO8oumr3H42R6M8VU31qJ380SFqQduMDJaSGVV9BbX6w9pneqeGExN36PQ3DYwtZnCPQEOd96LBrWREyGYIcY8_Cm-YTk3vE8NE2pYENL1KRdNMqtA337fz8crhQrTlD2AY13URDIii7lpqF12YEb-87wd7C_BuZQriRjsL7WqYEp4zKAfSYEootxmyzhphiI8Vf-paE7TSK_pLBuTc8htOeALeDrkSqGAA78KC2EkvtdQyqAP-3ZTFAq0AN3X7YQRXKF1nM2IHGlaUV1Z80ItCkdOd9BRtE7uLx-_fr6OhagzoVrpvwswF062CZi_xDRMI8FuRwWrmMVzg_QjlAJBGe_Pq1ojiRPp54Ta8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk-tAOhgNYo62LZfY3gOu_pbAA8me0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNTMxMzE2MjkwMzE3NDY4NaAB1bbS6gPIAQmpAuSZjyyzGLM-4AIAqAMBqgSXAk_QwsvdxlXkqyvHmZiLeGtOVl_-2gP2P0Tj5Pw5w1oEczXDoPP7694-eRI6YomLSqc5xBkgiwhJwNBZNuKMu_51wcT0lDo7a2OcKe9chfFFlFqiB4v_nU8kL-0uuRHJrW1bNyvBfZflqRU6PdDIHns-xgU_HYS3ADaJVaQJggUSBsiQitpRkGfLbczI0LqWVjlspGwPNt5fnbp2AII2vW--MVHG4nLKjSlofyFtn-vOHX24_gmTNxWaMfOhuCrj7W8e9IapJYIrUDl6-f8g69AYbkbt6J4zQOObOzRIMSqwy_NPZjvgjRv-ohIRFbeAgSJtaryUzY9ty9YQrbe_dSYaHypPBrN4axh0kQ9ys0r3cY0IoqPpJ-AEAYAGh42N282gzNz0AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13cpxeAxUoU7y5x-ooWustiewa9w%26client%3Dca-pub-5313162903174685%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 15:29:00 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
pvClk.min.js
analytics.webgains.io/ Frame EDAA 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247651&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j1f2r74vg6bqw9dpyetn7sw4yt68ggg85aj0p0xmrrd71v80v9wqm0k06dq8jp5chbczqevjbm3n2e5rtyqfqdkj414dgct9z78x800yycjvknw8pvzgvrxssrrqbfaq5rw6bajk7ptzmr6hyvzzsr5xyb3156yp0a7a84ad82w1tdrqdydzpbnpymksq82pw4v1vhzbk1txw5c0cc3rccnp461jv1md0cz9htqc1ef5yj4p34zv7gkggj93d8g4pt3j3mvv8v2wjhpkkxm4f0jphc976d0vyqm8h8v5s7dh76cjw0s9eyz%26a%3D&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
33188
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 16 Feb 2022 06:15:54 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
dBPQTGemSBWufkMk8tb6vsLisEb5_fTnXG76aYMBup2801mOEOBGeA==
link.html
track.webgains.com/ Frame EDAA 		0
0
tracking-event
api.webgains.io/ Frame EDAA 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Feb 2022 15:29:02 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 15:29:02 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
css
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 15:02:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 15:29:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 15:29:02 GMT
06b7a9a445ec6c790a7eab905edbd564_223056813.gif
m2.getsitecontrol.com/images/1518/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m2.getsitecontrol.com/images/1518/06b7a9a445ec6c790a7eab905edbd564_223056813.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-723.bunnyinfra.net
Software
BunnyCDN-DE1-723 /
Resource Hash
ac57ea06a2a3f57ffa1b52b3cb23bf406f09d43ea8facecf11c3c46a3af420a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:29:02 GMT
cdn-edgestorageid
632
x-amz-request-id
66GQDRGPRNSGN41Y
cdn-cachedat
02/08/2022 19:05:53
cdn-pullzone
84985
content-length
33741
x-amz-id-2
rqoedVubABsvRFKMwekX2JcOcGIfPbeSephMc67XAT9G8wI/WH8OooraSiUBu2Rlvic0HZ+1mMo=
server
BunnyCDN-DE1-723
last-modified
Tue, 25 Jan 2022 13:13:35 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"a5195743ef3fb39843ea0e9b752d6810"
content-type
image/gif
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
79577a7779ec9d1d4fdae3e8c40aeb47
accept-ranges
bytes
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
34370307012420150f0ca3c3225f025d_223056792.png
m2.getsitecontrol.com/images/1518/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m2.getsitecontrol.com/images/1518/34370307012420150f0ca3c3225f025d_223056792.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-723.bunnyinfra.net
Software
BunnyCDN-DE1-723 /
Resource Hash
0bfacd1e61de29212b6b1b153a4f1559e81cfbe382998fb94fdad5fa980e6871

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gauchazh.clicrbs.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 15:29:02 GMT
cdn-edgestorageid
632
x-amz-request-id
66GXJ87PPX881SXF
cdn-cachedat
02/08/2022 19:05:53
cdn-pullzone
84985
content-length
14524
x-amz-id-2
dB/aC4xI6lv1jOhO6u3sa6Qdesw83Iaw4pa1ewWhe0Ris0idf6gqCqijA/y5QVX7KTfQ2I/UZWA=
server
BunnyCDN-DE1-723
last-modified
Tue, 25 Jan 2022 13:13:15 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"b909bc4901cadc7c3761ee49a89e4675"
content-type
image/png
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
5ff01541746c323c898ebd092390a40e
accept-ranges
bytes
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		229 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae3c0ea26abff44f257ccf63f104e48caf74616ba9c6ba3ab9be3c8a76db96a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
452459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 13:17:51 GMT
x-content-type-options
nosniff
age
439871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 13:17:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gauchazh.clicrbs.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
595963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:56:19 GMT
events
events.getsitectrl.com/api/v1/ 		0
212 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events?ts=1645025342599&sid=5fc0c9a84b300e91&t=1645025337.8dddfd853ca1374e7d2d15c354000f1c.598591f291ecabf27788680ed0030374&s=2d4e0723e771de721901885088a54446
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d8fed6e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-136-130.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gauchazh.clicrbs.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 15:29:02 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c
Domain
track.webgains.com
URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5heS3tAzqu3oneid__asuidYIJYYEbhKitVMQ07_UGcH7jmcZC6Jy-Gasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247651

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| structuredClone object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _sf_async_config number| _sf_startpt string| __ISOMORPHIC_DATA__ string| __gzhenv__ string| __GZH_VERSION__ object| _cb_shared object| __LOADABLE_LOADED_CHUNKS__ object| google_tag_manager function| hj object| _hjSettings function| fbq function| _fbq object| regeneratorRuntime object| __ISOMORPHIC_DATAP object| gzh_metrics_data object| GZHAnalytics string| 575-385 string| 945-565 string| 850-508 string| 820-545 string| 640-425 string| 600-400 string| 480-320 string| 414-275 string| 375-250 string| 360-240 string| 320-212 string| 133-90 string| 100-100 string| 350-350 string| 659-439 string| 375-249 string| 75-75 string| 277-185 function| APAAsyncInit object| google_optimize object| _cbm object| pToolsCookieManager object| __core-js_shared__ object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill object| privacyBanner object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| ZemMetrics object| _zmq object| nvg23955 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| ModuleADS object| APASDK object| APALoader object| UrlCache object| SUBSCRIPTIONS object| SWG object| TRC object| _taboola object| _tblConsole object| _comscore function| NossaLoader object| iframeNossaContainer object| Nossa function| udm_ object| ns_p object| COMSCORE function| gsc object| webpackJsonp_getsitecontrol undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| prop object| placementData object| GAUCHAZH object| _cbq number| _sf_endpt string| __chartbeatLastRouter___ string| __dataLayerLayerLastRouter___ string| nam object| pSUPERFLY_mab object| pSUPERFLY function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ModulePrebid object| ModuleAdServer object| ueto_8b61fdfa9b object| uetq object| cmTag object| naveggReady object| pers function| webpackHotUpdate function| startCMTagMain object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| pbjsChunk object| pbjs object| _pbjsGlobals object| adserver_defined_slots_map object| slot_output_render object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

50 Cookies

Domain/Path Name / Value
.clicrbs.com.br/ Name: _gid
Value: GA1.3.1325982982.1645025336
gauchazh.clicrbs.com.br/ Name: _cb_ls
Value: 1
gauchazh.clicrbs.com.br/ Name: _t_tests
Value: eyJNN3RNZ1NiNXNqNGYxIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEZDR6VDIiXX0sImxpZnRfZXhwIjoibSJ9
.clicrbs.com.br/ Name: metrics_user_id
Value: c899f0df-163c-474b-98a6-b759ead650d6
.clicrbs.com.br/ Name: metrics_origin_zm
Value: true
flipzh.clicrbs.com.br/ Name: SERVERID
Value: s5
.scorecardresearch.com/ Name: UID
Value: 1251a458be8f2fd4392e31b1645025336
.clicrbs.com.br/ Name: _fbp
Value: fb.2.1645025336895.2067078214
.facebook.com/ Name: fr
Value: 0Wk8Pd0BSpTpVqEpS..BiDRg4...1.0.BiDRg4.
.google.com/ Name: NID
Value: 511=RjVcIcZmwTEEG2eYrbwlDubtIWqIFWRgdfhM3GRXdrEh7blf_poiXFxniInbNuXwBJOg-HaaXK6ft0nqV_Dy_n2i4mDcHLot9tN6xCl9WEqAgCDCkhOxT1HSZVk94hAFYrsxMuJBIhoZLXfo-rwevIMrOwYYNvrrApNqn1rPkYg
.clicrbs.com.br/ Name: _hjSessionUser_515419
Value: eyJpZCI6ImU1MTJhMTczLTgzZmMtNTdlNC1hODM4LTYzODI3ZjZlMDEyZiIsImNyZWF0ZWQiOjE2NDUwMjUzMzY4NzcsImV4aXN0aW5nIjpmYWxzZX0=
.clicrbs.com.br/ Name: _hjFirstSeen
Value: 1
gauchazh.clicrbs.com.br/ Name: _hjIncludedInSessionSample
Value: 0
.clicrbs.com.br/ Name: _hjSession_515419
Value: eyJpZCI6Ijg2MDVkZTNhLWFlNTgtNGI0OC1hZjQ0LTNmNDUzNWNmMzU5NSIsImNyZWF0ZWQiOjE2NDUwMjUzMzY5NTAsImluU2FtcGxlIjpmYWxzZX0=
.clicrbs.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 0
gauchazh.clicrbs.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D200c64e1-0124-4196-bf2a-e9c4b875781b-tuct9069db9
.clicrbs.com.br/ Name: _gat_UA-3469445-1
Value: 1
.bing.com/ Name: MUID
Value: 2EF182D6910D68733137939B906669D3
gauchazh.clicrbs.com.br/ Name: _cb
Value: CPKKqLb-FHUD0RBrP
gauchazh.clicrbs.com.br/ Name: _chartbeat2
Value: .1645025337934.1645025337934.1.BsUHNJC2fuVVBWsq4uyM8HhI3218.1
gauchazh.clicrbs.com.br/ Name: _cb_svref
Value: null
.clicrbs.com.br/ Name: _ga_BSW87XLWWR
Value: GS1.1.1645025337.1.0.1645025337.0
.clicrbs.com.br/ Name: _ga
Value: GA1.1.477300590.1645025336
.clicrbs.com.br/ Name: _uetsid
Value: 28b076308f3d11ecbdd37da603d1439e
.clicrbs.com.br/ Name: _uetvid
Value: 28b0aaa08f3d11eca14ff1f8a1207322
.navdmp.com/ Name: nid
Value: 103c698302dfc807b94178015310|0|76
.clicrbs.com.br/ Name: nav23955
Value: 103c6983029b7625b976578d1c10|2_48
gauchazh.clicrbs.com.br/ Name: player-region
Value: Porto%20Alegre
.rubiconproject.com/ Name: khaos
Value: KZPPM2Q2-1E-EMLS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpVW18Gz6hjFSAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS6/f6+AX/rYlLXPDyLGveX48Egj5e3KacrPtIOOqYiXMJhsHlJbldDf4+2qwceU3wqZr5ZVxLWDe
.doubleclick.net/ Name: IDE
Value: AHWqTUlJ_nJiWiAUffAqSYkw5EzykWLHk5LqZmGLFLmYY_q6Ctd_jfYIbBCFeujHbZ4
.clicrbs.com.br/ Name: __gads
Value: ID=215062f1baca55ce:T=1645025338:S=ALNI_MZI9zRVmvW6mT6Hqakp1pyJ_D2YuA
.blismedia.com/ Name: b
Value: 620D183B75E1E42876B49421BLIS
.3lift.com/ Name: tluid
Value: 1655034005243053335097
.turn.com/ Name: uid
Value: 4531728628582054005
.de17a.com/ Name: guid2
Value: 1.280676738618953376
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yg0YOwAGrNsQvQBB
.360yield.com/ Name: tuuid
Value: 70935c2f-290c-409a-9fef-aace56ebb7fc
.360yield.com/ Name: tuuid_lu
Value: 1645025339
.mathtag.com/ Name: uuid
Value: 2b3d620d-183b-4400-a4d8-581b13766787
.mathtag.com/ Name: mt_mop
Value: 4:1645025339
.hurra.com/ Name: __uu
Value: MUoMCv73-r4sFU3Azzzzzzzz
.tidaltv.com/ Name: tidal_ttid
Value: 23c129eb-84d9-4a54-bd43-eff0fbedaf22
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA2sDI0sgAA+4fgIAkAAAA="
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0NTAyNTM0MHZsZWExZGUyMDIyMDIxNjE2MjkwMDY0MDA3OTkyMzIzWDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFI1WGZnZjZRRlgyN1RrSHdIM3RRdGRkQUZ3VHpUN2dzN29uZWlkX19hc3VpZFRrSUc2U2xtR1pBa0hFV192ODJieS1xQTI4NzFONmdJYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExMzc1Mg
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022021616290064007992323X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0NTAyNTM0MHZsZWExZGUyMDIyMDIxNjE2MjkwMDY0MDA3OTkyMzIxWDExNzY4M1YxMjI2MTMyNzAyTVNvbmVpZDVyZVNYZjRFc01la0ZwSDdITXQzdEVFMWNFVFZUemVGMW9uZWlkX19hc3VpZFRrSUc2U2xtR1pBa0hFV192ODJieS1xQTI4NzFONmdJYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY4Mw
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022021616290064007992321X117683V1226132702MSoneid5reSXf4EsMekFpH7HMt3tEE1cETVTzeF1oneid__asuidTkIG6SlmGZAkHEW_v82by-qA2871N6gIasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117683

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cJNcLykMQJqf76rOVuu3_A&google_push=AYg5qPIowI_DIyU4i4Y83547cb-eKcUNNZ-Bkzaz2vn23m6Dc7Ff1CNWawTy1XvD6Y4apg9HuWICVP36lPK-E7rJ0w0k0s-hQ7c
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
608c9cd060dcb8ff93ad97a5e8cabc68.safeframe.googlesyndication.com
ad.clicrbs.com.br
ad.turn.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bat.bing.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.navdmp.com
cdn.privacytools.com.br
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
d5p.de17a.com
eb2.3lift.com
events.getsitectrl.com
fastlane.rubiconproject.com
flipzh.clicrbs.com.br
fonts.googleapis.com
fonts.gstatic.com
gauchazh.clicrbs.com.br
googleads.g.doubleclick.net
ib.adnxs.com
identificacao.clicrbs.com.br
images.taboola.com
imprammp.taboola.com
l.getsitecontrol.com
liverdgaupoa.rbsdirect.com.br
m2.getsitecontrol.com
mab.chartbeat.com
mabping.chartbeat.net
news.google.com
nossa-loader.clicrbs.com.br
onetag-sys.com
opi.navdmp.com
pagamento.clicrbs.com.br
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
ping.chartbeat.net
pips.taboola.com
pix.eu.criteo.net
pixel.rubiconproject.com
play.google.com
prod-rtb.ad4mat.net
r.turn.com
rtb.fr.eu.criteo.com
s.ad.smaato.net
s0.2mdn.net
s2.getsitecontrol.com
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssl.hurra.com
static-de.ad4mat.net
static.chartbeat.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.tidaltv.com
tag.navdmp.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trc.taboola.com
us-central1-metrics-prd.cloudfunctions.net
usr.navdmp.com
vars.hotjar.com
vidstat.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.rbsdirect.com.br
www.telefonica-partner.de
cm.g.doubleclick.net
track.webgains.com
13.248.245.213
13.32.99.105
141.226.224.32
142.250.184.194
142.250.186.162
143.204.98.76
151.101.129.44
151.101.194.49
172.217.18.98
178.250.0.139
178.250.2.148
178.250.2.150
18.66.139.40
18.66.97.96
185.29.134.244
185.33.220.100
185.59.220.198
185.86.138.131
189.76.157.100
195.181.174.138
2001:4860:4802:36::36
2001:678:cb4:bbbb::11
213.155.156.181
2600:1901:0:76b9::
2600:9000:21a1:7800:1b:5138:8a40:93a1
2600:9000:223c:7400:18:1fcd:34f:cdc1
2602:803:c003:200::51
2606:4700:20::681a:ad1
2606:4700:20::681a:b5b
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:135e
2606:4700::6810:bf3
2606:4700::6810:cf3
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
2a02:2638:1::11
2a02:2638:1::3
2a02:2638::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:200::714
2a05:d018:24:b002:5c97:83c8:403c:77a7
3.209.136.130
34.242.207.34
34.96.105.8
46.236.13.147
46.4.62.19
51.89.9.254
52.222.236.122
54.164.74.135
54.86.215.174
62.144.160.15
69.173.144.139
84.200.5.215
88.99.63.132
89.187.169.47
00893818e9dd84c02d708b6b88d85f34d855990f4f3d853df9d1257a6088840e
008ffe8f29d31239246df914f1d6a832a98c72dea26aba87d3e7eff2d2877ec6
02519f2ba07081abab568de34e18827f13648e69b65a0a741891bf945bae3705
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0462e37a066b69587431280065cf9adfc4c18aba5392529fbba36c16889a64c6
051e78ff49e006565aa057c9ca589e78513468a892d7236136a69cc5808427e5
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06b81e88db63cdeaaa646eff63a8b294f45989e4775c46f6e8e53af36147722d
0728ed30b82bd5a4e2c25d3e62ccb5fa964d53629fedb05b0cc0dbc2f204b783
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
085057fad9d6ad8bbc26230916993a8bc1067d031d29a44d37c3f41c471b6f5b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac8588ee6e33be668883f48a806efa162ca555058b822b262d4804890e6d5b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd4472749669e4a3631a54111319546ceead544e0548d926cf9e4c7c98a8427
0bfacd1e61de29212b6b1b153a4f1559e81cfbe382998fb94fdad5fa980e6871
0ce0518aa19606ec184dfc3c775409d29a364bf969126c255ec9c8398750920b
0e76d996ca804bfb66a6a142afe6189c9123966c3c2d82b4f9d36e93ab5313a4
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11db909f3d3d75732c94b52aef00d31ff69f9e00813c8f3b9d8bb9aa146e9d2e
12a8acbea80254ddfe9586aff910d6a6c67aabd7e29af4c39194cc82bcf4a2c0
172d920cfc0057686039fd1068a7008a421a739104dd27c98aeb9bb6b22f0fa4
1ade69853b74ca4802c1d7cfd40701db24b2ba19b19028938bcec7464cb2c9a6
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1db96bbf626e8688ffcc3e808eb273fc5c9631f0e9522674b3196a84bdc6b3e3
1e8ee18a8cf05c580dc110620e5f3994a81a33aff4d43be390fd58495b535881
1f12395a5212aa78d3d5044834abe91397c96a1c4458f5104cb00294a092f798
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
24610698edf13a9595faaddb0be5e9f5c5163f72fb96035091a983be293313fc
2470422a6598df8b9005f537d58c53dec2213e1db9fa572b86a95e37bb71517c
25db276f514822906922fbfedd6557c9418afbf1d9d51d69c4f9dacd722a4baa
2652e68706489e729834d94001be164ee8de2f9a7fbd7218a8215464381b174b
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2a293b4997b6f3013484cdab78bd700bb2b5a6c40a1c8e0a449a8b2ac6798f60
2be149f5e75208addf12839a437f423992d2964e9064305a2bdc73323daa49f3
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2c9c81639ba7877372b0df3229f7a80feb08c51f1bd333f96b8eb73a9a037a72
2d0570f47c542a750b024f55ba0efc25b31fde34ec359d5dfaf5fd99cd170651
2d2f1fa5f826c9709600c5c5df00962a23b9086873eff45e0e4b72996259c457
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
312d7eb4c26fc423dca77839b887636055fd1aca5c4be355352f1a5c53e997b2
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3487f66830d03416a2874df1d47b5183951665dd147ca1bce3e845d20e630bc4
36098142ee4abe732f1ce320ef294850b99cffaec5e5bd9369e6f30defd48181
369a9428fcda0514826cab6a50441b0fa67bb7618018fa72f07d991dac70b098
36b8d7c1c0f7498119dcba5a42fc5b0002df4ec86e6f06e87dd4b06301578458
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
385470e1b0daa0a2a4c86aaa0a3c45f7a434a2b72772a257978be7c604d930db
395ddc9739ef87bbfd5a7684d16b8b684f0a8601b6d64b8d705502be1603c26a
3975966229b1c0ceebf499c9785110a8142f42b5bddb0122e3eca5666707ae45
3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d44770fb977e1d2b81f0cd1d9b3612db35325d9b75cd42f0d80693bff4392
4175dbbf29e13ce8c6d082b2b8e2e8a1faea5d27455d2ebbe8db53d9722e2a50
42613a36d0e91e9035438e3a8757076c4b4bb29fb41ce3547b782a8d44dffc6d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447c289dd7e2fa34ae74528c86a706ea96252f85fb9bc7b8e21873b0a560da64
44c87e5db4ef3e2fc23b77f8ef956311fe8571b23c700261f774613e78099021
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4526aff82ef10df4085b45b7b95fa8f7173a81e86a7b4f1f2bdf0c3d08f66877
45deb68232bb5d9ce23bb076bcc71c1f248f8177b00a86aaf13040427050038f
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
471446ba6b63ba06cb277b373cf90df7f8b205fe79c375d0d2f8ad08114f58a8
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
487f4e277ea60147de9d3f5825d789c48517cb2c37715ad0fa2cec96808e6bd3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bb6981f122b7913e0bbd004eb2cc0b6a681bcf520a7c30d4800d0b16df49abd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50a6332e86b975cebf7d5c3f5afded31b8a6057debaac3cc69e2123e8deddfef
50da25e5ac83b7da3a53523b1ff9a63dfaaf48aa4f3865155ba480ae2a6fad7f
50eea100b4b9102cc8cc860f34a92dac7bc6891874290dfc9260a9b56d2eb2b0
51ad2898e51aeb4b3bb9a563d3c51f29bcd95d37be16d5e7d3d628fb89e0407f
52ab52b0b9bcb9e0486b46c547952e826bf6960fcbba7cdff8d792e1e284d6cd
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54445201b212341352d23a710bec57bf11c9d7cc72a838e4816f14059d263e3b
54e399ff7252ace149b100e87451ff4031a94cfbd1cf80916d4b83da6f6014c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b9253d0d5a497e0914e931a50a4fcfddcb55ecced22b669c66cc5fae4190b2
59349af94fef6e16882ee1473345e998bd9c79ab2df27c26ad0faa9c1daf8969
5a88f85d0def284cbb3518e9df9462e4d4897401f7da3424e53216edeebda383
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5c83f18642863842ab20430cb64f533b5f341ef61f4ebdc83d7b333e1762399b
5d69ff4665e0f752198eaf19b1385789539f11fd46cd069335f90082cfd58042
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
60077ed37626dafb3e2ae60cc8463ca7190e378d25f47398adf0f966ac2cfaa7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624131598e832c386746d7c95eb44b87aa91abdcc9c3868201cc753b03e4c335
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
629d5a24e044dd4039de4c45abce8c365013cbed5def0d8ead586c68d31d06d5
65a1459160b99d548b8239afbdf7a41ca91fe1e3ba247d1d565df31bea0d6533
6771b47b18b9d6c3c553adfa4a75dab513047880500fb37d9814252e8b11c950
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6aedbd5800ac3f78832844813990b17d15abcbc14e740e390aba7e50271ba250
6d0cae948ba7b2ae4cf6123744dc1be2c19692879aa527a13c771b432aa18e2c
6d16d12a90867ed71e37a43f1c13e71a327fcca58f42df4776f1def56f8031ba
6d44d02afbb548f22926b7382566b1ebb3dc908f95b9ba06e7657ec36361fed6
71c2df2b80133a8cc8ddb77040ce8acd65e648540c509c596b11e434c1e92d84
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7ae3c0ea26abff44f257ccf63f104e48caf74616ba9c6ba3ab9be3c8a76db96a
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fea1533939a83fdd3078a70cd1e3de934f9f06652c5fcb1bf1846b3ef53056c
82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838b7351ffd6539bc4fd81958e31810222038748b89faa4de0bd00e8b2494da6
83d3afbcbb951df99c98213246727083063e4735e16562379ba8bcc083113dca
84c55b3afcd413462d0b64112ad9ba31d1ae5452356936a38dbc145edf6e9bb6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85974d7c5ae1b1a0f07bdcb88ff37a2893533248a12af5c40c0c6fcccbed06db
85b5b930e731780c31cb7cd22c076a1998f9872e2d3c5e194d8f556c78c426c0
8832feec5afafe3117d1fb90217f8fe7a16c03eb515f83582e043ee421d89fab
8847cc60ae38e9ee058fe1c1ead1cd834995c605c5d940437078419e622ce933
8a3a9d32ad0cd9399475182d83800839c53c3a0945c24a1db0a8955522b16547
8a3be5c42a100f7deea011d1d5d80652f5f8bc26ba5fdbc12cb470f4ce69bd23
8a481c436bdaf8074d2dbd7216dca21a7de2a4adbf64b9ad3612e187586799c5
8d111500bf25634f687194ff4d0d56fdbf0408efbf5d3b7fbb5698a5427bda0d
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90ab255dd831f5c019c791dc30f6c03be753cc6ad95534ca92bada2837a66618
915434fa63637faeed4ce9db4624f9d3a2e507f1c37b110e848c283c407cf33e
922d6b0274c900d518e815e45bf3e5a646f45ca92fdb3de5ac99aa0d02054b5a
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
954fd4d2ed05350823d3b43782f7e4476fb25689819e4b5d5c5c790e38d9e1ca
975ac5c49a920a7877668499bf696c9e8f26470a7d9493205a824b83f57f8042
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a09598eb445d9aa7e87c3a2d7cfd3767cf1bb7c3b1653448bb1508c7b895df4d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a17468d71dba20ea2c2dc495fe2ac92cc27d72d57fbbd46b81f2df5451880794
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ec4e6bcbe16aa5d5528b53498c024d8e56c5040ad418906cbdd2a0bf37ab69
a217093482f8f267d7b2687f71cb07e0d1d54f2006e6895e78b94e3b390721bb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a49c6db45854a11786964a1d1df051ccdf021097f05b242720cfea23782b2682
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a8e9886c01a5f3d4174d6ed6eaf8d429059f0a5bd9a64f3796d445ee312c7d
a52289797d7a998d98bf08962013ddb03c44e590ef423075542f1e729626839f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7622a2bbacb14e44383157a9f1de1e81a938a4416d50166bc29d44051e1af3d
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
ab6c2d2f7f2b318e51cbf51913cbc0f30a226a4df15eac7e1f8241a559930e0c
ac57ea06a2a3f57ffa1b52b3cb23bf406f09d43ea8facecf11c3c46a3af420a5
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
afa6b81f1bf984f4a5ea2e070bb58207b870de0001a8ca07d3f66be20be25f3c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16a912d69dab19b2d1e21e13606ff7396983ab7f6337ddcda7c11059091b196
b84937bc6a4c4c78b3fb6ec547bea2ca8cd883aba7a102856e864dec18011aac
bb4e5a43c400ad8b5ed7a07da8897663f590de7f60065d5e828792179ba1b958
bc0c653fc6616c9a804051df24255ac47ebdb98a5d32a1973844165dc0bcdc4f
bd1a6ed773a5ffd85d292aaf7c25c593686b1dc20baadaf69cb993e4b2ba6725
bd9c766ecaa3be73861e40cce25bbb8ee323e51a32640905b0a2af9bd5923962
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
be5efae6930f6ddbf7d7c112ca85838d02bf367a2a1d5c53202250c1e1476962
c34d49b0ab2ba37107cb9aef0f4a47da501faeb4a7315d6aa1b47c80f57b329e
c3728dcae7f124057d95b29a59cc6b580e9dc78a45f5b76bee1f62f345bfeb69
c38b87dd1fc0b12aff4bc05bfffc4152852f1b9c50975e45873621bcea532379
c602946d83dd7c064e03166e8e902b6ae2b8c3428747b0ceb8d6cfde0a01a391
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6eba37f3825056552db1ce605bbde19f590bc7cbeb091191bc428b1ac2ccc87
c71c89ba418f2b26ad3ee08128e2c78c58916bc80aaede90bb07a5d2f3bd607c
c7606d2ad370439c7b03b3b8f4aed04c8861de171b0380be7fbc1c15ceadc129
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca4d47df5f2bd23ed98af5a718234733be65fad15a188097a63a9cc4c1357cec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc519a71f76661cdeb01cb054c91a540510c14b29f3973a5da6d3a2655f583c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcac3b26f7be340c0e77a1cc0fc5661a6ae6164404932e139285acd46b8d48a
d0bb2cfbc0632201ddefe3bb3cf02bdd82a1f1ce28d82ca2441022068638380c
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d17b91dbf21a1fb94a18b00083e5a233a69dca22a0568d98153f3a2c00d539bc
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d43b6d29a1d87c47bf0d418c583668b78d1cb02dbc7b65755facef73172a07b2
d59040ad1ec39e643a31d375c395e40e427d7af21000be2fbdd9eac9dcd47b56
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dac132bbca53590d70e221bdd1630ae7e267f05466287a0ce5cc485f89d75a65
db8afdb483035e4336145db36463bdbf70bbfd8ed572e886a69a510d73d674ac
dc0ddd462a72d52805274508b2477314ba9df0c2eebd6a477a121ac681fcb831
dc1de07fa34f5a152c80eefde3566285b0aa80328478cb72dff5b67d7c18a07e
dc930abe14ab06c49001c1ea8ad294e2d2e1145dedda720dfac54f8288640f56
dc9f1a0d5a2d5ef01408836a18633cab125ddd508aa6a89ba3b5d18ff8be27ce
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0145214138591c2d51eb51ceaa2d883d60d08edd888bd4f0c480171adad1160
e073495a103486e55f7ca93301d39c66f2b05b5ea2fc276532ec8ec3344b3605
e0d9cf679678eecc2d314b615250487a15ebc687feb153bc2122d493e079e50d
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e235dfd21a3870110546f9be94ef0a05928c5cc62b73d356db1879abd2e8cfab
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e2cdd9a029657813adbdf476b57659401957540cfd21b6b46baf245db601eb1e
e2ffac3f9952697555527d7ef792e7e1143db14669461f86769c6ca4bdd1761f
e34c0e31ee3f8177320cab8ca9ffe631240bec0e86a64e2c37af8ccc7eef2335
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e454c728482f2ddb3feabc93952a28ccd255a6074c92343736342394c75f5bb9
e4589e9be8fb2fe056439ef9a65adf444c3ca964227299f2753ddd1db3242023
e5b260e796280c1492fa23b750cdca467921aaa0382bd748a6e6104a14a36347
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e86edc1e75e885c59b0df44e8e10757847487c8ffd9d98b5ae79d04aa4570cc5
e9e6b8b478423b37fbec2c384189edeabcef834e6a2a5f5e572a152e2d2069af
ebcf864a2018b4b0f21659ad83c84be23ede2c89453cf7baa9d3865a5d4b9382
ee210c77ed7557695e2e2e30d3b6dd67ef4b87e04f47f2fadf2adb88641f2870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f2fa75fb3b2cdc2fbdd29c43a3010acd04e4af6be218651b9f151dbc44756edc
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f731ff13de53f2bc7fd6c0fa5b530649db506b5544da9c5687b245c82217738f
f75a001bec4bdf424466cdc150b0aac769554195c5bf3105cd369a9861aa7103
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8223c715d6927d3966caef0d8ee78e4ee5be665e2c26c8d7226d68ea052445f
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fb192312893f464a9be1c1a833951fe1894127803d6a38d29b434d03f333448b
fb1e80d37bd348157da29701377633ef2b99781853f872d7ddd6886fae82c6e0