urlscan.io logo urlscan.io
SecurityTrails logo

feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br Open in urlscan Pro
200.193.43.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Submission: On January 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 14 countries across 72 domains to perform 365 HTTP transactions. The main IP is 200.193.43.62, located in ItajaĆ­, Brazil and belongs to Brasil Telecom SA - Filial Distrito Federal, BR. The main domain is feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.
This is the only time feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 200.193.43.62 8167 (Brasil Te...)
5 2a00:1450:400... 15169 (GOOGLE)
27 179.191.190.70 52580 (Azion Tec...)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 142.250.186.162 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 18.230.146.239 16509 (AMAZON-02)
1 3 185.184.10.30 203690 (RTB-HOUSE...)
1 142.250.186.66 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 199.232.136.157 54113 (FASTLY)
5 2.16.186.226 20940 (AKAMAI-ASN1)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
2 2a03:2880:f10... 32934 (FACEBOOK)
13 2a00:1450:400... 15169 (GOOGLE)
3 52.224.31.34 8075 (MICROSOFT...)
1 2 40.91.78.9 8075 (MICROSOFT...)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.18.114.97 13335 (CLOUDFLAR...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 54.207.195.77 16509 (AMAZON-02)
4 5 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
1 2 63.35.20.93 16509 (AMAZON-02)
10 33 142.250.186.98 15169 (GOOGLE)
3 178.250.0.163 44788 (ASN-CRITE...)
1 3.121.106.122 16509 (AMAZON-02)
3 4 185.33.221.52 29990 (ASN-APPNEX)
1 70.42.32.63 13789 (INTERNAP-...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 69.173.144.138 26667 (RUBICONPR...)
1 2 34.255.158.248 16509 (AMAZON-02)
3 2a00:1288:80:... 203220 (YAHOO-DEB)
3 7 18.156.0.31 16509 (AMAZON-02)
6 6 3.66.195.154 16509 (AMAZON-02)
1 104.111.214.39 16625 (AKAMAI-AS)
1 2600:9000:214... 16509 (AMAZON-02)
1 2 3.121.107.137 16509 (AMAZON-02)
3 35.244.159.8 15169 (GOOGLE)
2 5 2.20.157.55 16625 (AKAMAI-AS)
2 212.82.100.181 34010 (YAHOO-IRD)
1 2 34.254.114.92 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
2 2.21.140.111 16625 (AKAMAI-AS)
1 34.102.166.132 15169 (GOOGLE)
1 124.146.215.49 2514 (INFOSPHER...)
1 124.146.215.4 2514 (INFOSPHER...)
19 2a00:1450:400... 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 1 2620:112:f006... 6336 (TURN-US-ASN)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 185.33.220.243 29990 (ASN-APPNEX)
2 104.90.104.248 16625 (AKAMAI-AS)
6 8 185.94.180.126 35220 (SPOTX-AMS)
16 138.201.63.117 24940 (HETZNER-AS)
1 4 138.201.220.30 24940 (HETZNER-AS)
2 8 88.99.219.174 24940 (HETZNER-AS)
1 4 78.46.90.238 24940 (HETZNER-AS)
4 4 2a0b:4d07:101::1 44239 (PROINITY ...)
4 5.1.80.163 34549 (MEER-AS m...)
4 8 104.92.94.3 16625 (AKAMAI-AS)
4 4 85.239.105.10 16097 (HLKOMM 04...)
20 2606:4700::68... 13335 (CLOUDFLAR...)
8 46.236.13.147 12703 (PULSANT-AS)
4 8 142.250.185.166 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 52.16.162.42 16509 (AMAZON-02)
2 2 3.120.29.221 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 213.155.156.166 1299 (TWELVE99 ...)
2 2 23.92.190.69 10913 (INTERNAP-BLK)
2 2 13.248.245.213 16509 (AMAZON-02)
4 18.66.2.98 16509 (AMAZON-02)
2 2 2620:112:f006... 6336 (TURN-US-ASN)
2 2001:678:cb4:... 56396 (AMOBEE)
2 2 185.29.134.248 30419 (MEDIAMATH...)
1 1 151.101.130.49 54113 (FASTLY)
2 35.186.253.211 15169 (GOOGLE)
6 6 185.64.190.78 62713 (AS-PUBMATIC)
2 3.33.220.150 16509 (AMAZON-02)
1 207.198.113.170 13768 (COGECO-PEER1)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 185.86.137.122 201081 (SMARTADSE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 34.242.207.34 16509 (AMAZON-02)
4 52.19.108.67 16509 (AMAZON-02)
365 85
11    200.193.43.62 (ItajaĆ­, Brazil)

ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR)
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
5    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    179.191.190.70 (Miami, United States)

ASN52580 (Azion Technologies Ltda., BR)
ph-cdn3.ecosweb.com.br
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.230.146.239 (SĆ£o Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
cdn.pmweb.com.br
3    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    2.16.186.226 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-226.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)
www.artfut.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
h.clarity.ms
2    40.91.78.9 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
10    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.18.114.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    54.207.195.77 (SĆ£o Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-207-195-77.sa-east-1.compute.amazonaws.com
df.pmweb.com.br
5    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4007:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
24    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    63.35.20.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-20-93.eu-west-1.compute.amazonaws.com
dpm.demdex.net
33    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    3.121.106.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-106-122.eu-central-1.compute.amazonaws.com
crb.kargo.com
4    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.255.158.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-158-248.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    3.66.195.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-195-154.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    104.111.214.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-39.deploy.static.akamaitechnologies.com
contextual.media.net
1    2600:9000:214f:4e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    3.121.107.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-107-137.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
5    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
r.casalemedia.com
dsum-sec.casalemedia.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    34.254.114.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-114-92.eu-west-1.compute.amazonaws.com
partner.mediawallahscript.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    2.21.140.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-111.deploy.static.akamaitechnologies.com
cw.addthis.com
1    34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com
ad.tpmn.co.kr
1    124.146.215.49 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    124.146.215.4 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
adgen.socdm.com
19    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2620:112:f006:bbbb::16 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com
sync.teads.tv
8    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
16    138.201.63.117 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
8    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
4    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal900019.redintelligence.net
4    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
4    5.1.80.163 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)
PTR: s17177.creolineserver.com
adv-srv.office-partner.de
8    104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com
www.awin1.com
4    85.239.105.10 (Leipzig, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
20    2606:4700::6813:ba79 (United States)

ASN13335 (CLOUDFLARENET, US)
singles.parship.de
8    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
8    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
8019191.fls.doubleclick.net
4    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    52.16.162.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-162-42.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    3.120.29.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-221.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
2    23.92.190.69 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    18.66.2.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-98.txl50.r.cloudfront.net
analytics.webgains.io
2    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
r.turn.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    207.198.113.170 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
8    34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
api.webgains.io
4    52.19.108.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-108-67.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
Apex Domain
Subdomains		 Transfer
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 210157
244 KB
48 googlesyndication.com
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
265 KB
32 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal900016.redintelligence.net — Cisco Umbrella Rank: 189840
hal900029.redintelligence.net — Cisco Umbrella Rank: 302598
hal900019.redintelligence.net — Cisco Umbrella Rank: 222423
204 KB
27 ecosweb.com.br
ph-cdn3.ecosweb.com.br
502 KB
20 parship.de
singles.parship.de — Cisco Umbrella Rank: 291354
59 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
2 KB
13 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
sp.analytics.yahoo.com — Cisco Umbrella Rank: 818
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
4 KB
12 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19799
api.webgains.io — Cisco Umbrella Rank: 60455
205 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
sslwidget.criteo.com — Cisco Umbrella Rank: 1760
widget.us.criteo.com — Cisco Umbrella Rank: 18087
dis.criteo.com — Cisco Umbrella Rank: 691
17 KB
11 ecosweb.dev.br
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
testing-dbr-ws-site.ecosweb.dev.br Failed
518 KB
8 instana.io
eum.instana.io — Cisco Umbrella Rank: 5597
eum-eu-west-1.instana.io — Cisco Umbrella Rank: 23482
38 KB
8 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44883
14 KB
8 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14385
5 KB
8 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 250175
adv-srv.office-partner.de — Cisco Umbrella Rank: 252765
4 KB
8 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
5 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
331 KB
7 gstatic.com
fonts.gstatic.com
121 KB
6 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
3 KB
6 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
2 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
6 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
5 turn.com
d.turn.com — Cisco Umbrella Rank: 880
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
2 KB
5 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1974
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
5 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
895 B
5 clarity.ms
h.clarity.ms — Cisco Umbrella Rank: 2241
c.clarity.ms — Cisco Umbrella Rank: 917
24 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1300
68 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
4 KB
4 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1366
21 KB
4 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 250848
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
150 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
c.bing.com — Cisco Umbrella Rank: 273
12 KB
3 artfut.com
www.artfut.com — Cisco Umbrella Rank: 20790
17 KB
3 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 3401
730 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
73 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
529 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
949 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
720 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
2 KB
2 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3397
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
914 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 868
344 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
adgen.socdm.com — Cisco Umbrella Rank: 7393
1 KB
2 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 1338
854 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
896 B
2 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2306
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
853 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
698 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
386 B
2 pmweb.com.br
cdn.pmweb.com.br — Cisco Umbrella Rank: 74263
df.pmweb.com.br — Cisco Umbrella Rank: 73673
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
75 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
586 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
191 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
577 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
308 B
1 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 3546
600 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
240 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 516
782 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1260
231 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
476 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1519
360 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
13 KB
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 14351
474 B
1 t.co
t.co — Cisco Umbrella Rank: 487
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
458 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 630
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
365 72
Domain Requested by
33 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
27 ph-cdn3.ecosweb.com.br feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
20 singles.parship.de hal900019.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
singles.parship.de
eum.instana.io
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
16 hal9000.redintelligence.net a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
hal900019.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
13 googleads.g.doubleclick.net www.googleadservices.com
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
11 feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
10 www.google.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 api.webgains.io analytics.webgains.io
8 8019191.fls.doubleclick.net 4 redirects feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
8 track.webgains.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
8 www.awin1.com 4 redirects a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
8 hal900029.redintelligence.net 2 redirects a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
hal900029.redintelligence.net
8 sync.search.spotxchange.com 6 redirects googleads.g.doubleclick.net
7 ups.analytics.yahoo.com 3 redirects
7 www.googletagmanager.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
www.googletagmanager.com
adv-srv.office-partner.de
7 fonts.gstatic.com fonts.googleapis.com
6 image6.pubmatic.com 6 redirects
6 pixel.advertising.com 6 redirects
6 www.google-analytics.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
www.google-analytics.com
www.googletagmanager.com
5 a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
5 gum.criteo.com 4 redirects static.criteo.net
5 www.google.de feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
5 analytics.tiktok.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
analytics.tiktok.com
5 fonts.googleapis.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
hal900019.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
4 eum-eu-west-1.instana.io eum.instana.io
4 eum.instana.io singles.parship.de
4 analytics.webgains.io track.webgains.com
4 static.cloudflareinsights.com singles.parship.de
4 trf.greatviews.de 4 redirects
4 adv-srv.office-partner.de hal900019.redintelligence.net
hal900016.redintelligence.net
hal900029.redintelligence.net
4 adv.office-partner.de 4 redirects
4 hal900019.redintelligence.net 1 redirects a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
hal900019.redintelligence.net
4 hal900016.redintelligence.net 1 redirects a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 www.googletagservices.com a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
4 secure.adnxs.com 3 redirects
4 securepubads.g.doubleclick.net feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
securepubads.g.doubleclick.net
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 us-u.openx.net googleads.g.doubleclick.net
3 ads.yahoo.com googleads.g.doubleclick.net
3 dis.criteo.com
3 h.clarity.ms bat.bing.com
h.clarity.ms
3 www.artfut.com www.googletagmanager.com
www.artfut.com
3 bat.bing.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
bat.bing.com
3 us.creativecdn.com 1 redirects www.googletagmanager.com
2 match.adsrvr.org a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
2 rtb.openx.net a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
2 sync.mathtag.com 2 redirects
2 r.turn.com
2 ad.turn.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 ib.adnxs.com 1 redirects googleads.g.doubleclick.net
2 cw.addthis.com
2 pixel.tapad.com 1 redirects
2 partner.mediawallahscript.com 1 redirects
2 sp.analytics.yahoo.com
2 r.casalemedia.com 1 redirects
2 x.bidswitch.net 1 redirects
2 ad.360yield.com 1 redirects
2 pixel.rubiconproject.com 1 redirects
2 dpm.demdex.net 1 redirects
2 c.clarity.ms 1 redirects feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
2 www.facebook.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
2 connect.facebook.net feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
connect.facebook.net
2 cdn.onesignal.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cdn.onesignal.com
1 ssbsync.smartadserver.com a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 pixel-sync.sitescout.com a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 s0.2mdn.net a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 d.turn.com 1 redirects
1 idsync.rlcdn.com
1 adgen.socdm.com
1 tg.socdm.com
1 ad.tpmn.co.kr
1 s.ad.smaato.net
1 contextual.media.net
1 sync-t1.taboola.com
1 sync.outbrain.com
1 crb.kargo.com
1 adservice.google.de securepubads.g.doubleclick.net
1 widget.us.criteo.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 sslwidget.criteo.com 1 redirects
1 mug.criteo.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 df.pmweb.com.br cdn.pmweb.com.br
1 static.criteo.net www.googletagmanager.com
1 ipv4.icanhazip.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 c.bing.com 1 redirects
1 t.co feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 analytics.twitter.com static.ads-twitter.com
1 cdnjs.cloudflare.com www.googletagmanager.com
1 static.ads-twitter.com feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 www.googleadservices.com www.googletagmanager.com
1 cdn.pmweb.com.br feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
1 onesignal.com cdn.onesignal.com
0 testing-dbr-ws-site.ecosweb.dev.br Failed feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
365 104
Subject Issuer Validity Valid
desktop.feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.ecosweb.com.br
Go Daddy Secure Certificate Authority - G2		 2021-12-20 -
2023-01-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.pmweb.com.br
Amazon		 2021-07-20 -
2022-08-18		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
ad.tpmn.co.kr
GTS CA 1D4		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2020-04-24 -
2022-06-02		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
adv-srv.office-partner.de
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
singles.parship.de
Cloudflare Inc ECC CA-3		 2021-06-29 -
2022-06-28		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh

This page contains 40 frames:

Primary Page: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Frame ID: F339063382E2D56C326999F7165A394E
Requests: 115 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313099034&tc=1
Frame ID: E9E1A4B99A8D8CBF6C5F4E6C464E6634
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2_home&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313100198
Frame ID: 1186BA50A17041669DF5BA44B2C3D08B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&origin=onetag
Frame ID: 7508CA28091382181452062449E32902
Requests: 2 HTTP requests in this frame

Frame: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C51CF20F7CF9155ABD07CA01AC908B58
Requests: 1 HTTP requests in this frame

Frame: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w
Frame ID: E19E62AC95B54088E24FBD10F7A70AFA
Requests: 30 HTTP requests in this frame

Frame: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4807525D5A47F6264F992080BF67368
Requests: 17 HTTP requests in this frame

Frame: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A036550984818CEA04FF0D18534EFA76
Requests: 17 HTTP requests in this frame

Frame: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4B5E5ED769E83C53FF800EFBEA7A4199
Requests: 17 HTTP requests in this frame

Frame: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF968EEF24E079C624611B5089660149
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVFO7Laza0K99mnEeGfQt9X1WxMcjI-guWiznwxmXPwekFweFQ_bpznSRf0rbQJsErm3de9g9apTz7VxwXFomLM1XDC_7UHVpEKzH5aDi-0IF3hSimWQ3gOP8RMnPA0tpiwOnk7LQ4Sf1_7ufIb9VJju78PLWAg6e8Hf5oY--VWnpFi2MY
Frame ID: 1FAC0038B4AB5BBAAFEF87BDA23198EB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXaO_asT67lJF0Qp_aQJr9vo1rZ2X0inThTMC7SjFXiKdox0EK0YMsVd9p2ke7wpCPacJ9x_H6J09QVPuVyrOVeeTSUpJF83JWfKg7dOKdjJC3lyRJpwHSRAsZPbJXbCLHeg9gibtVzQtPXH6e1nU5Am5NCf9gqY_lGxVS87JRF8Za1Efw
Frame ID: 07E5B702DDC161256D1037B07CD932DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWZJmJc7tbugacpFqZPocuDQN_155pBUtRLb9wd5I0tD90TvZPEKcQlQhwRbjY93u7gB1lZO6Lisz1mIRdXhGk3R8smcxmq8Tslm7A3y7Xx6iocTx4fQeiq2FtjV0jQ9wvkqsm8ZYgu5uHNbTsEv6S9kDuZN_q0S5G8pOa0Lzg-KfBHIbI
Frame ID: 07FACBD5394EE95D97BD58589A609DA4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWeHbT86GHC1HoH8XJNDuapRNj64WjqdXD-j1pnvRKSar60YmWWRKqiY-ciihpNAyQq21H2uOhwdnVWEXLfu0Q5teZO5zMpLG9nOrFp2KK8v2D6FeVcGEwXG6dJTNlXJ9G_Uq7IKh1p2_4KcyPOIQSidm-Y50zgGVNc700bcb61ynFM4ZQ
Frame ID: 7D772D41EE6115D600F0374EDD8D11B1
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 738411AC4E54DEA1A1E51A9F9CD66529
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E7E13310D67051367C074AA9B124598
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 74530B605AA718218E1F11ABB7CF8B57
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 99AE942630A4219541347167D5CADEBF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FD8DC5B0CC3E53D52CDA77240961278
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD527EA57FEFA66E0D2F98881ACF1539
Requests: 3 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 34C90BFA7B7F7D3FF675A8CFDD2A1D29
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Frame ID: 60B56AE809E56ABF48B3368B3BF3D46D
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832
Frame ID: 72223C573C7D7FC99106C7808321E110
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Frame ID: 940F6BD3B3FCA539BEB5284C2967F40C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FFB5866D495169AE7C477F813F641BC
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8BBEAC35D3571A2902A444C4337D8E37
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Frame ID: 79E5673AFD7DA65D13D771AF777330ED
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747
Frame ID: A9236F132B7BA4C7E71F28BED9217484
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Frame ID: D1A67C8EF36AFED3658801B8A420D949
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10F9E9BABD0A5248B13FDA93E3CD0446
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B9B161E5EC3C70EC2F28FF83ADF0D02A
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Frame ID: D748A3DF9BF1039F7D3263E1E74D9E92
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326
Frame ID: DEDC88D4A61105EE9E474DEE5EA98AE7
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Frame ID: 7025870A383956F643AA4402B481B7A4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F42EF3D37879B7640E899858A16F845A
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8C857349330D13B6299BA10858AABA71
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Frame ID: 10F5D22B0EDBFD63C9371A536E103C70
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355
Frame ID: 8117106B1E92C46B9B8557A8F4DC5966
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Frame ID: 99B44EDFFA161215191D0CA54604C9F1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E19BF486D863B111ADF83F074079D3C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Posthaus - Roupas femininas, plus size, infantil e mais!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

365
Requests

84 %
HTTPS

32 %
IPv6

72
Domains

104
Subdomains

85
IPs

14
Countries

3078 kB
Transfer

7072 kB
Size

91
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313099034 HTTP 302
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313099034&tc=1
Request Chain 63
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFD8DD8A692C4C3EA56366C35A1A7749&RedC=c.clarity.ms&MXFR=342C8A16DE1D650318389B2FDA1D6BFC HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFD8DD8A692C4C3EA56366C35A1A7749&MUID=23270B60AF9763973A5B1A59AEFC62D6
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ecosweb.dev.br&sn=ChromeSyncframe&so=0&topUrl=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=5pUSZHwvdVl5K3Q1QWtsQ21ibm0zd3FNWDB6aDRmbk5wVzNLRUI2aFVaQUVlOUV6eXRndWx2QUdndTV0UFZyVEJ3VjNabTF4MlUrVSt1SG10bGoxZnROQ2lTV3JVN1RxNVdIT3FUZVNIUjNCbHY1SW9kSWJTWFRRY2lOcmo3eENVekE5WUxMUUR4Zmw1b1JDZ2pGTXFTWlJNTnZncEp1dGgwMEFYOEY2REpqZTUwdlFQZkY4ZEtZL2FtYXFwSkZncXY5L3IySElKM3czRVYxdWllVlNZTXNySklQYW5ybm12YWZmZ1N2cEF5TkQ4SWhBbXluNnRuOW1nUmFZQjBTVWR6MWNydzZlekdIR2hSSFVnNzhHbTBxWlVkUT09fA&cppv=2
Request Chain 110
  • https://sslwidget.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMTNrTk9EZnVwUTFVZU42QzdqRzV6aGRwaUgzbEhmZGdFUWglMkJjbVJadGNWMmdZdjU1QmxYYnlBVEFPUm5Ndlc3NWNka0lCUWNVdk5xU1MwNENEU2RIUE1zJTJGaDBjeiUyQktlMVNCd0hhJTJGVSUyRkpPVkU5QnVGMUtENUZBJTNEJTNE&tld=ecosweb.dev.br&dtycbr=42181 HTTP 302
  • https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMTNrTk9EZnVwUTFVZU42QzdqRzV6aGRwaUgzbEhmZGdFUWglMkJjbVJadGNWMmdZdjU1QmxYYnlBVEFPUm5Ndlc3NWNka0lCUWNVdk5xU1MwNENEU2RIUE1zJTJGaDBjeiUyQktlMVNCd0hhJTJGVSUyRkpPVkU5QnVGMUtENUZBJTNEJTNE&tld=ecosweb.dev.br&dtycbr=42181
Request Chain 116
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay10RjlvNFJJY1RnbUgwT1FoM3huSFdhN1lmNjY3Wmx2U2VMOWt4UQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 119
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7702134211281910669
Request Chain 123
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-TF3K_xIcTgmH0OQh3xnHWa7Yf64LHI2PRkqJCA HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TF3K_xIcTgmH0OQh3xnHWa7Yf64LHI2PRkqJCA
Request Chain 125
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EEwNsxIcTgmH0OQh3xnHWa7Yf65tNQv_3Brufg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EEwNsxIcTgmH0OQh3xnHWa7Yf65tNQv_3Brufg&verify=true
Request Chain 126
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
Request Chain 129
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kKD8oRIcTgmH0OQh3xnHWa7Yf67u9Zr47-MBqg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kKD8oRIcTgmH0OQh3xnHWa7Yf67u9Zr47-MBqg&expires=30
Request Chain 131
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA&C=1
Request Chain 133
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ&custom=&tag_format=img&tag_action=sync&custom=&cb=10fe744a-a8f2-4f0f-bae5-e35e0788e0d9 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=10fe744a-a8f2-4f0f-bae5-e35e0788e0d9&final=true&reqid=8cc8a3d0-7faa-11ec-889a-17251f303e01&timestamp=2022-01-27T19%3A51%3A42.477Z
Request Chain 134
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
Request Chain 139
  • https://pixel.advertising.com/ups/55945/sync?uid=k-YKCcXhIcTgmH0OQh3xnHWa7Yf66K-valyV6nZQ&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YKCcXhIcTgmH0OQh3xnHWa7Yf66K-valyV6nZQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
Request Chain 140
  • https://pixel.advertising.com/ups/55945/sync?uid=k-YLJSNRIcTgmH0OQh3xnHWa7Yf65g5ALJNMQ8JQ&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YLJSNRIcTgmH0OQh3xnHWa7Yf65g5ALJNMQ8JQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
Request Chain 142
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=KU3AOV4VtaBsYVrfFPfrbBeQzFB83SFH
Request Chain 149
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/fqym4wWfi7D3YAKAn5GDJRy-8TAmie6T/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8699888316075650538
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
Request Chain 179
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL3zhDEACmGxgchkzglfwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECfuseyQq-PgxkdhwgVwwq4&google_cver=1
Request Chain 181
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcwMjEzNDIxMTI4MTkxMDY2OQ%3D%3D
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqlLJvi2mlDEAEr50E6m64&google_cver=1
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKldxS9c0IL9jonQzx0SvHo&google_cver=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d03532c-7faa-11ec-99a4-14c817940506
Request Chain 189
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=8d030f6f-7faa-11ec-a88d-129210fe0406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d034e82-7faa-11ec-8d1f-13b80d860106
Request Chain 192
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=8d034e6f-7faa-11ec-bcb6-11a3cbba0506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
Request Chain 208
  • https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 209
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 212
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 213
  • https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 221
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 222
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=72058600270152600710584011852019&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Request Chain 224
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832
Request Chain 229
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 230
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=84086700293986800710580011852016&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Request Chain 232
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747
Request Chain 241
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 242
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=78187200264373200710584011852029&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Request Chain 244
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326
Request Chain 249
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 250
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=36531900264373100710584011852029&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Request Chain 252
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355
Request Chain 268
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ6zGSJuqn9oIHx-oL6QpLEDUNi1lVaARqb-4HwccI0h0theA6RGxOUI32TNruYh4jVLFo2gra1kKJsh2m6j-06LwuO9RE&google_gid=CAESEJhKxE6NCBFv4SYCd94qDgw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZMM3p3QUFCT1NZZkhPaw&google_push=AYg5qPJ6zGSJuqn9oIHx-oL6QpLEDUNi1lVaARqb-4HwccI0h0theA6RGxOUI32TNruYh4jVLFo2gra1kKJsh2m6j-06LwuO9RE
Request Chain 269
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cver=1&google_push=AYg5qPKfsd119p4OurOGJ8OPyJWBceSwG6z4kzgjAQC88e_nLzNTK2LkjHHZZImiAWScBYuTioeVT-qqo5Ms7Zu7zoolcLBRVw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cver=1&google_push=AYg5qPKfsd119p4OurOGJ8OPyJWBceSwG6z4kzgjAQC88e_nLzNTK2LkjHHZZImiAWScBYuTioeVT-qqo5Ms7Zu7zoolcLBRVw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDcxRmZtUmMxTmRhTzM1&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cver=1&google_push=AYg5qPKfsd119p4OurOGJ8OPyJWBceSwG6z4kzgjAQC88e_nLzNTK2LkjHHZZImiAWScBYuTioeVT-qqo5Ms7Zu7zoolcLBRVw
Request Chain 270
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHAf5vCGi9ISIX_umxii-g0&google_cver=1&google_push=AYg5qPKDGdZbSh0TTHDad2H2qxQ0brjYIXjIMdrUJrK0RqMrEOa6eNXdHytQNjkWRdo_x8XEHlDtlBZRv88aOlfiTpIWcIWXTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKDGdZbSh0TTHDad2H2qxQ0brjYIXjIMdrUJrK0RqMrEOa6eNXdHytQNjkWRdo_x8XEHlDtlBZRv88aOlfiTpIWcIWXTw&google_hm=NTcyMTgxODMyMDcxNzM4NjUxMA%3D%3D
Request Chain 272
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAEohqtqrPuZ8gI08zsdTPg&google_cver=1&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS0Bh0 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAEohqtqrPuZ8gI08zsdTPg&google_cver=1&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS0Bh0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS0Bh0
Request Chain 273
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEMJjIWDkZiVogAFwGat2GY&google_cver=1&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4Lvbwung3noc HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEMJjIWDkZiVogAFwGat2GY&google_cver=1&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4Lvbwung3noc&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4Lvbwung3noc&google_hm=e8371f7b4dcc943aa06bd45f
Request Chain 274
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENVCANAw7oEh2Ux6BTJkXaM&google_cver=1&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY&google_gid=CAESENVCANAw7oEh2Ux6BTJkXaM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyMzkyMTg0NTkyNjAyMTcwODgxOQ%3D%3D&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY
Request Chain 309
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1&google_push=AYg5qPJrRlrFmfLEerGxJ0CJAZr_to_NgHjJcWp7eU1ylo4CnnP2HEJ9M1ORGIPYOJjmFEGXyZkpXwjhzqylRTrVPcTTU3R1wXzcpA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY5OTg4ODMxNjA3NTY1MDUzOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
Request Chain 310
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENXDOZRVAXR12bDEfF_LXAM&google_cver=1&google_push=AYg5qPL6oed1l41VL-8GZtkkHfxlroZE6sTX09zWW3Oirjgzu6v_u_12QnNM2scfRQIgpf9W_qFD5mv8u-R5dAllxOsk2oky_rx9kQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL6oed1l41VL-8GZtkkHfxlroZE6sTX09zWW3Oirjgzu6v_u_12QnNM2scfRQIgpf9W_qFD5mv8u-R5dAllxOsk2oky_rx9kQ
Request Chain 311
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIWpOi13WVeCTVVpfYVnz_A&google_cver=1&google_push=AYg5qPLoKdSu85qmOgv6JkKQ75lryQzYXJ16s91sXryJBOfr_YJJEsDRcoa_MIRmSJ7Qbk72ioD5VGBmuoA0ZMYlvz7rrqTn3vLiDw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIWpOi13WVeCTVVpfYVnz_A&google_push=AYg5qPLoKdSu85qmOgv6JkKQ75lryQzYXJ16s91sXryJBOfr_YJJEsDRcoa_MIRmSJ7Qbk72ioD5VGBmuoA0ZMYlvz7rrqTn3vLiDw
Request Chain 313
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ3WkOfiDRMxoKKHTrmpSck&google_cver=1&google_push=AYg5qPJfQXu1XkEmiG3iDcxuWclZla8B6QSXpC_xDe-SLsxkD35VvKEssklqXGV9Wtw-S646vUcV13fztheEpJW9nUvq3UTNB6xyuA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ3WkOfiDRMxoKKHTrmpSck&google_cver=1&google_push=AYg5qPJfQXu1XkEmiG3iDcxuWclZla8B6QSXpC_xDe-SLsxkD35VvKEssklqXGV9Wtw-S646vUcV13fztheEpJW9nUvq3UTNB6xyuA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DfaDtJpdSSGRcTCpdRMSSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJfQXu1XkEmiG3iDcxuWclZla8B6QSXpC_xDe-SLsxkD35VvKEssklqXGV9Wtw-S646vUcV13fztheEpJW9nUvq3UTNB6xyuA
Request Chain 314
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIg1uUGQ9rZZFJWwDIurgFY&google_cver=1&google_push=AYg5qPJXCl2YVdQk0vZ08M4aUur34hPGwi1wi1ulubotgP4Zo0oMQcCJ2xNXs5anH6k9rZkaTgFyFucQJtvpF09jglBLnS4s-mgf9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZYV0QtVC1GNDVY&google_push=AYg5qPJXCl2YVdQk0vZ08M4aUur34hPGwi1wi1ulubotgP4Zo0oMQcCJ2xNXs5anH6k9rZkaTgFyFucQJtvpF09jglBLnS4s-mgf9w
Request Chain 315
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR33VfLnfQ-sR_5M42TL3n_2jaX_OhlWUc6jUHwrmiszpMiw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR33VfLnfQ-sR_5M42TL3n_2jaX_OhlWUc6jUHwrmiszpMiw&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR33VfLnfQ-sR_5M42TL3n_2jaX_OhlWUc6jUHwrmiszpMiw
Request Chain 319
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1&google_push=AYg5qPIdISCTxPf9nJqFdhp6QnPvZs3lNgMXhitIewR9Pu81dtP2SbAvy97dTpKMmd-j2RoCsWPkm5c9xLUSgNGc17v2puOhSVxq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY5OTg4ODMxNjA3NTY1MDUzOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENXDOZRVAXR12bDEfF_LXAM&google_cver=1&google_push=AYg5qPI6RutnqzV2sD0DFPZDGNIk6WEggE7hpb4pMe-XOxAuyEWNmMRgTa_r-8ZeKfINnnqchWpE1FhbxMg1pPunInBn1iSJ00o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI6RutnqzV2sD0DFPZDGNIk6WEggE7hpb4pMe-XOxAuyEWNmMRgTa_r-8ZeKfINnnqchWpE1FhbxMg1pPunInBn1iSJ00o
Request Chain 323
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ3WkOfiDRMxoKKHTrmpSck&google_cver=1&google_push=AYg5qPLcA9TVheUALM-IOz2CR-o_62tIEzlfWiA33lFBj6ISvB-bChhqmIiwX_JVIlSkkT3-EoW6t7sS04quOpZD_5CH4xtYGbmr HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ3WkOfiDRMxoKKHTrmpSck&google_cver=1&google_push=AYg5qPLcA9TVheUALM-IOz2CR-o_62tIEzlfWiA33lFBj6ISvB-bChhqmIiwX_JVIlSkkT3-EoW6t7sS04quOpZD_5CH4xtYGbmr&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aooziRcoQEyVgJz1tFV8Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcA9TVheUALM-IOz2CR-o_62tIEzlfWiA33lFBj6ISvB-bChhqmIiwX_JVIlSkkT3-EoW6t7sS04quOpZD_5CH4xtYGbmr
Request Chain 324
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ
Request Chain 325
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESENvGmm6sBnFTSShVPD0Oi0A&google_cver=1&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
Request Chain 329
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEM2a3Xf1iKJWGpOAY5YVqE4&google_cver=1&google_push=AYg5qPKOHsOm4R971yBqkprUun4CdpIdeImdfQoqWd2kbBw6YdQ1IQ6KsnPvWYSYnG7hk7ewhWdsegXbKVH2yA7wOFGozuNOjNmvXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAzNDQ5MDM4MjQ3OQ%3D%3D&google_push=AYg5qPKOHsOm4R971yBqkprUun4CdpIdeImdfQoqWd2kbBw6YdQ1IQ6KsnPvWYSYnG7hk7ewhWdsegXbKVH2yA7wOFGozuNOjNmvXQ
Request Chain 330
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ3WkOfiDRMxoKKHTrmpSck&google_cver=1&google_push=AYg5qPKuq4wJrkVm7Ncp1S9SZbpKCJ5j06gAumCZ0Ww1dqzMTYZ4UeU_7RWEriuLiRH4LMWSwO3yzEyhOxlJHm0OeTScMtQoR3JrnA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ3WkOfiDRMxoKKHTrmpSck&google_cver=1&google_push=AYg5qPKuq4wJrkVm7Ncp1S9SZbpKCJ5j06gAumCZ0Ww1dqzMTYZ4UeU_7RWEriuLiRH4LMWSwO3yzEyhOxlJHm0OeTScMtQoR3JrnA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zZyAS7P3SWiy8MX00VVB3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuq4wJrkVm7Ncp1S9SZbpKCJ5j06gAumCZ0Ww1dqzMTYZ4UeU_7RWEriuLiRH4LMWSwO3yzEyhOxlJHm0OeTScMtQoR3JrnA
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_cver=1&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1
Request Chain 333
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8LdwdRmL4qKv_wbzr9SP1Kxuv_Ev9Xtor0J-KSow_mvwegrxQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8LdwdRmL4qKv_wbzr9SP1Kxuv_Ev9Xtor0J-KSow_mvwegrxQ&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8LdwdRmL4qKv_wbzr9SP1Kxuv_Ev9Xtor0J-KSow_mvwegrxQ

365 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		106 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
e79e2926e2dbc34b81a8517e7891b9096cf0098617563916e57cf35088400e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Jan 2022 19:51:35 GMT
dbr-company
posthaus
dbr-device
desktop
dbr-orquestrador
true
etag
W/"1a781-G30Isx9n+FfKG6e2aD/BLMAg2jU"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:24:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:36 GMT
vendors~app.css
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
e25840c5281b7367276ccd9086150402ee584b32242fa0fce5a47b79a31f0b78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"9254-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
app.8cc034d1d8cf5d7a86d7.bundle.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		615 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/app.8cc034d1d8cf5d7a86d7.bundle.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
ffc29c6249722385c6d20a999a48d66e4b55e6e465e235f20d54000df3f16b55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"99d00-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
polyfills.6c4275ad25d099142998.bundle.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/polyfills.6c4275ad25d099142998.bundle.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
7cbf0f8a8a0cfb31561ba78e03128c09a57beff4dd07f37f11a3b2f120705ca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"1eed-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
vendors~app.34695cf0dc5e60fc7077.chunk.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		643 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
f40a30e16c70c82abefd586548807814ef7da2563721214af5822f3cbfdf7f92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"a0a96-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
home.fcc9f923176363b12784.chunk.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/home.fcc9f923176363b12784.chunk.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
c48d72e622223e0931e14bf9cd00e5f94e4c5e8a4df2a456d53678a933eb3139
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"3c89-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
desk-home.fcc9f923176363b12784.chunk.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/desk-home.fcc9f923176363b12784.chunk.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
8e21cd72b0d5aba10024a13614a42e961757d6246c1fb37c8d1879b0f5c43492
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"4d5c-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
desk-product-list.55194cb73643539c1c8e.chunk.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/desk-product-list.55194cb73643539c1c8e.chunk.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
c5592d72f0372c2f237a8ecaaa67eda0064b413098e191140d1da1f41d394d58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"7302-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
product-details.94d0f6349ae3ef70ac80.chunk.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/product-details.94d0f6349ae3ef70ac80.chunk.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
327bec2ec73981fc12954bac138de42bad69d513a432da8f196cf9a40c7deb04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"3ea5-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
ic-navbar-logo.svg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ic-navbar-logo.svg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
last-modified
Thu, 27 Dec 2018 19:29:01 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
2614
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-mastercard.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		853 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-mastercard.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:59 GMT
server
Apache
age
0
etag
"355-5b5e51dffe0c0"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
853
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-visa.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		629 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-visa.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:00 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
629
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-amex.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		534 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-amex.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:54 GMT
server
Apache
age
0
etag
"216-5b5e51db39580"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
534
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-caixa.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-caixa.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:55 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
876
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-hipercard.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-hipercard.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Wed, 25 Jul 2018 19:05:44 GMT
server
Apache
age
0
etag
"303-571d790c09200"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
771
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-elo.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		781 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-elo.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:56 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
781
expires
Fri, 28 Jan 2022 19:51:39 GMT
ic-discover.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		762 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-discover.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:55 GMT
server
Apache
age
0
etag
"2fa-5b5e51dc2d7c0"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
762
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:39 GMT
img-reclame-aqui.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-reclame-aqui.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:01 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1152
expires
Fri, 28 Jan 2022 19:51:40 GMT
img-ebit.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-ebit.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:00 GMT
server
Apache
age
0
etag
"473-5b5e51e0f2300"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1139
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:40 GMT
img-go-daddy.jpg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-go-daddy.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 14:25:14 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
3014
expires
Fri, 28 Jan 2022 19:51:40 GMT
ic-facebook.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		197 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-facebook.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:56 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
197
expires
Fri, 28 Jan 2022 19:51:40 GMT
ic-instagram.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-instagram.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:58 GMT
server
Apache
age
0
etag
"c9f-5b5e51df09e80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3231
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:40 GMT
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
539977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 13:52:02 GMT
fontawesome-webfont.woff2
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/assets/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
content-length
77160
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"12d68-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6407
date
Thu, 27 Jan 2022 18:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 20:04:52 GMT
gtm.js
www.googletagmanager.com/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd135adb4de548a2495ce949d296b229acc14cd521bb611f4e5da99a61aa92b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85151
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:39 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/app.8cc034d1d8cf5d7a86d7.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3583
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d448457fc798fee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Jan 2022 19:51:39 GMT
vendors~desk-home~home.56a60e86694745efdfcf.chunk.js
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~desk-home~home.56a60e86694745efdfcf.chunk.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/app.8cc034d1d8cf5d7a86d7.bundle.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
200.193.43.62 ItajaĆ­, Brazil, ASN8167 (Brasil Telecom SA - Filial Distrito Federal, BR),
Reverse DNS
Software
/
Resource Hash
73bbcb5588755006ce54da1b4e3c6ea5ef3ce1df8d32ae2ebd89aa3917fcecaf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Thu, 27 Jan 2022 04:08:57 GMT
x-frame-options
SAMEORIGIN
etag
W/"ecdc-17e99b8dfa8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3582
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d4484589df08fee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Jan 2022 19:51:39 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Jan 2022 20:12:02 GMT
js
www.google-analytics.com/gtm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KMRF2H8&cid=2103211196.1643313099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
web
onesignal.com/api/v1/sync/7ec740a9-5a39-4226-84bb-3159b70dd38b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7ec740a9-5a39-4226-84bb-3159b70dd38b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
594f33f4bdb9feaa6e8146c45bb6a4efe973fe83696b5cebbdd3e38d648d87c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200 OK
x-envoy-upstream-service-time
34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a2fc310f-525d-4b8f-86ec-9becee720e61
x-runtime
0.033447
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"594f33f4bdb9feaa6e8146c45bb6a4ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d448458fed98fee-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 27 Jan 2022 20:51:39 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RF7L3756SK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
108297863fee2ce3f6dccbaf0d6a644ead80468b6b36bc1673d5348dd90f7426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62380
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:51:39 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PL4DYBH48C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5423b38503afc1a3826371fc9c296a6d1960bf92954eab6316695aeadda0600c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62377
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:51:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
8ae8f48e0089128df9ad8dc2fd7e69a705a9ffc4cfa9eb20d10ef63e50e8b1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27134
x-xss-protection
0
server
sffe
etag
"1115 / 404 of 1000 / last-modified: 1643303763"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jan 2022 19:51:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
goxYDvE3svPklNBgMlwsaQZMD/a3xTxOjLhQpSsrPX6bEHnG1603zukMzYLU6eMvfLq5eF+lhaDV1yzDw1Llyg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 27 Jan 2022 19:51:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
cdn.pmweb.com.br/df/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.230.146.239 SĆ£o Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
68735f7b79a4c29bb494587c67e67906047dbb800e66d50f67cd8963c459b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 18:34:31 GMT
Server
nginx
ETag
W/"61f042b7-4452"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=300
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
6918
Expires
Thu, 27 Jan 2022 19:56:40 GMT
tags
us.creativecdn.com/ Frame E9E1
Redirect Chain
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2...
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313099034&tc=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Redirect headers

date
Thu, 27 Jan 2022 19:51:40 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313099034&tc=1
content-length
0
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14855
x-xss-protection
0
server
cafe
etag
17539559064140624452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 19:51:39 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AC53B08F4DEA464F86B0E75CC8FBE2C2 Ref B: FRAEDGE1517 Ref C: 2022-01-27T19:51:39Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100044-IAD, cache-hhn11553-HHN
events.js
analytics.tiktok.com/i18n/pixel/ 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
52f0b58b.3facad4f
date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-150.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-222.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
95,2.16.186.222
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=2, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220127195139010113135233044D9A0B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
2,23.220.104.150
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc341a247f38a393710aac696649f2336df77df402076d3a998f25787ec3a4b10eacb7e8490b28605fc3a7fc6bf69b2897ade1cc858381c6188ded7edcae98c540a23ade7db5971f36a7f11f748efea29b73a10c9e6b53cc32f2c3d6e081fce048c
expires
Thu, 27 Jan 2022 19:51:39 GMT
logoLareLazer.svg
ph-cdn3.ecosweb.com.br/imagens01/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/logoLareLazer.svg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 14:14:06 GMT
server
Apache
etag
"1132-5a85c63b5a1fa-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=43200
accept-ranges
bytes
content-length
1521
expires
Fri, 28 Jan 2022 07:51:40 GMT
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
922
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930c-cb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72NveV03qg1Xq290hSpPhPS%2Fb%2FJInsqcQIMQEj2TdlzkpotL87pg53ZF0fibqyqkXAivSIxP2tg%2Bau2wqPMT6s2hun9JGbmuXuiCtpy9leJyJ4fKnwyl6Vx0i4AmGyuB4AIv5lCSFy9cUfYc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d44845a4e9f90fe-FRA
expires
Thu, 27 Jan 2022 19:56:17 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
215825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyz%2BmYF5gLtDcW5bTxCuQs7JA0q5UTPIBOt%2BteZyteiwzmqDfA3YoGkDDSTUB9x75sWRXM4%2Fbx9pDJ%2FDux4x4nTLfKaCQD819UbSq7ShyTJ1ZOwDJVg6vrghWP%2Bmgeis8Nu9Sb8bopfyYMkJx9lvQjLS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d44845a89876967-FRA
expires
Tue, 17 Jan 2023 19:51:39 GMT
1040557206700558
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1040557206700558?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa4eaf475d19a34d07ff14c8c3e3183cb520fefbdec3f51780aee70e2718ebf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
FtspXFwxeL8crmSzVi1/Xb7tOXytser2OjmRv6lIE4KEp+6mJEq2msl2tV+fKdqElWCzXwBzIzavqKNJjNf8WQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 27 Jan 2022 19:51:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
4074602.js
bat.bing.com/p/action/ 		728 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4074602.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be200b6159ecb9277570f66402e5be5b20e2685303d6fe5810fdddd79b4b0d34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AB7CE4BB015646B2A8CF7816B4E18186 Ref B: FRAEDGE1517 Ref C: 2022-01-27T19:51:39Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
594
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4074602&Ver=2&mid=2ee3a41a-de21-4dc5-a335-76740a78c4cb&sid=8ac75fc07faa11eca270c38789999b37&vid=8ac7a2307faa11ec94555160f7ab3462&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Posthaus%20-%20Roupas%20femininas,%20plus%20size,%20infantil%20e%20mais!&p=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&r=&lt=6225&evt=pageLoad&msclkid=N&sv=1&rn=416216
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F88EB81E0904E5F9BFBA8D3C10788EA Ref B: FRAEDGE1517 Ref C: 2022-01-27T19:51:39Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=ed933ec6-8f66-46e3-a7e6-928d0339532b&tw_document_href=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
109
date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
b2e7930baa632f6c4cad92d5aedd8835adf05a0026d28de9f96a6ab04df9af5b
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=ed933ec6-8f66-46e3-a7e6-928d0339532b&tw_document_href=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
112
date
Thu, 27 Jan 2022 19:51:39 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
13ce6ee11c69bf2a247b212efbbd8c969ebfcb28bdcb312fccbf2ca8d340578b
content-length
43
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1040557206700558&ev=PageView&dl=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&rl=&if=false&ts=1643313099190&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.2.1643313099188.600763393&it=1643313099085&coo=false&exp=p1&rqm=GET
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 27 Jan 2022 19:51:40 GMT
tracking.min.js
www.artfut.com/static/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1178
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930b-686e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0i7lK7Nrses1b%2BuB9xW5%2F063hsuoOAV9YiAQG86HcmO%2BJHjwbqZ9MWJ1Jm4BtU6%2BXzncp39fxyLxmr40sXdJPapaqOZzMiRmxonLtDzB3nW7mPe%2BbWXxV%2Bwa2g5YKnWlMerZl3vZFAnGe%2Fg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d44845a8f2e90fe-FRA
expires
Thu, 27 Jan 2022 19:52:01 GMT
crossdevice.min.js
www.artfut.com/static/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:39 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1169
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930b-655c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZKsbj77X16t6HYh34CwM27KQO8SFc0ggWyrdloc97oXr1t4Rt69VuYOAWpfZ59HiEZS%2BJJtJpTd0w9KXJLLyJq%2Bvc4ZeRIEKSTPh2RMlZWQFM%2FBkpxI9I1%2BbQuTtN5NhD6Xb1rj5ATVyAgW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d44845a8f2f90fe-FRA
expires
Thu, 27 Jan 2022 19:52:10 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RF7L3756SK&gtm=2oe1o0&_p=825351527&sr=1600x1200&ul=en-us&cid=2103211196.1643313099&_s=1&dl=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sid=1643313099&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RF7L3756SK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PL4DYBH48C&gtm=2oe1o0&_p=825351527&sr=1600x1200&ul=en-us&cid=2103211196.1643313099&_s=1&dl=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sid=1643313099&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PL4DYBH48C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1643313099314&cv=9&fst=1643313099314&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65f5aa9b1c709caf85a14a1a1f5d534a7fe2e5ef1b55b0a670b03c3efe3fcf07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1074
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022012502.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
11406d2fe03cea34dcf0b5c178acda7fad399cb1f9b06cea2d55866ab94a20ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 13:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120804
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 18:44:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Jan 2023 13:44:11 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		68 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1dcc365b3af7b265de0e656f2c5d29778ab8d53017cbbf0d658a68477eda1f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:51:40 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
52f0b852.3facafca
date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-150.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-222.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
114,2.16.186.222
server-timing
cdn-cache; desc=MISS, edge; dur=102, origin; dur=12, inner; dur=1
content-length
30610
pragma
no-cache
server
nginx
x-tt-logid
202201271951400101131350791A2F9799
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.220.104.150
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc341a247f38a393710aac696649f2336df77df402076d3a998f25787ec3a4b10eacb7e8490b28605fc3a7fc6bf69b2897a90decdac6b988772c3834668b2bc5cca721e8b51ee43644b76f8ca9c8daf311bdec199fdc5e50dc447e7ad7c5d7a4ffc
expires
Thu, 27 Jan 2022 19:51:40 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		708 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4SF02FPECQ6U88EVT00&hostname=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a81249aee7ad648940c03b47a8a08e59b0d480424c0815cca32573ead2bb116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
5bd5e8f4.3facb091
date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-222.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
173,2.16.186.222
server-timing
cdn-cache; desc=MISS, edge; dur=154, origin; dur=21, inner; dur=3
content-length
329
pragma
no-cache
server
nginx
x-tt-logid
2022012719514001011300620911495D0F
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
21,23.220.104.155
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc341a247f38a393710aac696649f2336dfc4f46feb375645d40b11e4e1429274e62856ec08cb711dc82bd4efc6ba35c78686c5db0bcfebed4861723dfe4456cc043ccad5f286b8813b1aad0451ffc76cddee39b782bd90c52e05165aab242e0611
expires
Thu, 27 Jan 2022 19:51:40 GMT
clarity.js
h.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/4074602.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
br
etag
"1d811e72bf47200"
last-modified
Tue, 25 Jan 2022 12:29:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
22925
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DFD8DD8A692C4C3EA56366C35A1A7749&RedC=c.clarity.ms&MXFR=342C8A16DE1D650318389B2FDA1D6BFC
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFD8DD8A692C4C3EA56366C35A1A7749&MUID=23270B60AF9763973A5B1A59AEFC62D6
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFD8DD8A692C4C3EA56366C35A1A7749&MUID=23270B60AF9763973A5B1A59AEFC62D6
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
40.91.78.9 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
last-modified
Thu, 13 Jan 2022 19:51:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3bc6e26b78d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FAE860B345E4A0EA7DC86C1E5C2D92B Ref B: FRAEDGE1517 Ref C: 2022-01-27T19:51:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DFD8DD8A692C4C3EA56366C35A1A7749&MUID=23270B60AF9763973A5B1A59AEFC62D6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
www.google.com/pagead/1p-user-list/1048808556/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048808556/?random=1643313099314&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=2384976844&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048808556/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048808556/?random=1643313099314&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=2384976844&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
709 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7319feff.3facb2e4
date
Thu, 27 Jan 2022 19:51:40 GMT
x-cache-remote
TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-222.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
130,2.16.186.222
server-timing
cdn-cache; desc=MISS, edge; dur=113, origin; dur=17, inner; dur=11
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220127195140010113006160043FA8DE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.220.104.137
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc341a247f38a393710aac696649f2336dfcee539569e4f2dce122ec7999f3fdc7d4dcdc6058b42b71c81960f396b78c821a2ea222938be5e5206ce6b50d45bee7413563ba143dd9cee582a25cd28067192dadf27edb48124c4ccfef620a04cc3ab
expires
Thu, 27 Jan 2022 19:51:40 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1040557206700558&ev=Microdata&dl=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&rl=&if=false&ts=1643313099723&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!%20%22%2C%22meta%3Adescription%22%3A%22Aqui%20no%20Posthaus%20voc%C3%AA%20encontra%20Roupas%20femininas%2C%20plus%20size%2C%20moda%20infantil%2C%20moda%20masculina%20e%20muito%20mais.%20Confira%20as%20promo%C3%A7%C3%B5es%20da%20moda%20e%20aproveite!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!%22%2C%22og%3Aurl%22%3A%22%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.2.1643313099188.600763393&it=1643313099085&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 27 Jan 2022 19:51:40 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=825351527&t=pageview&_s=1&dl=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEITQAAAAC~&jid=2141716004&gjid=1829010839&cid=2103211196.1643313099&tid=UA-46607966-3&_gid=2141615708.1643313099&_r=1&_slc=1&z=1668735188
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipv4.icanhazip.com/ 		16 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.114.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c12a2e1c137d9d9a44b0066f5af75f857f02c1507853146687df8a74215be91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
6d448460195f9217-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
tags
us.creativecdn.com/ Frame 1186 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2_home&id=pr_hhX6cMuePreWPuw9xLe2_lid_PuwKgmDpFP0H37cD9O5X&su=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313100198
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers
ld.js
static.criteo.net/js/ld/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:40 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jan 2022 19:51:40 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
711 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-226.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
731a0650.3facb9ed
date
Thu, 27 Jan 2022 19:51:41 GMT
x-cache-remote
TCP_MISS from a23-220-104-137.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-222.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
139,2.16.186.222
server-timing
cdn-cache; desc=MISS, edge; dur=138, origin; dur=15, inner; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220127195141010113006136033BCE2C
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.220.104.137
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc341a247f38a393710aac696649f2336dfcee539569e4f2dce122ec7999f3fdc7d4dcdc6058b42b71c81960f396b78c821abc1ed3078c902a9c7bf241eb717a67bfd6fdc27021aa55c9b753569143e9c355ad0c491f4ccb4764ddd283dd56f362d
expires
Thu, 27 Jan 2022 19:51:41 GMT
/
testing-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/ 		0
0
/
testing-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/ 		0
0
/
testing-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/ 		0
0
/
testing-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/ 		0
0
img-cadastro-posthaus.jpg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-cadastro-posthaus.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
27b6f64d8af49d6bbe36f5c3fa80213bafd6ee55a624d2194e067b2e4a249184

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 18 Jan 2022 11:30:58 GMT
server
Apache
age
1082
etag
"14515-5d5d99a5dadf1"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
83221
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:41 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/?random=1643313100312&cv=9&fst=1643313100312&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09fa1c678ea0b9ea4cac0308554e59655fcf952719a10a856c8dff2886f4d0da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1121
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/?random=1643313100313&cv=9&fst=1643313100313&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebc5d66a00c94cb1a7c6fe4a9e8765b02ebfef07c4ceb16872849b9729238a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1177
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1643313100315&cv=9&fst=1643313100315&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8332b6800d671d23e4d74f18f609c3e4b3483273ad273c61a2483c6fe9b479f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1053199656/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053199656/?random=1643313100317&cv=9&fst=1643313100317&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38acad23717d9b4aa88ad47c3dd695239c3457b44df14d09e3675a13daa0853e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1121
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
df.pmweb.com.br/push/ 		2 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://df.pmweb.com.br/push/?aid=PM-NW3T6C&cid=026101643313099879&sid=648701643313099880&pvw=9d17f466-6771-4a9a-aa90-0a6b526e3b48&v=1.19.0&rs=1600x1200&tt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&ws=1600x1200&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F
Requested by
Host: cdn.pmweb.com.br
URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.207.195.77 SĆ£o Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-207-195-77.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/plain
Access-Control-Allow-Origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
0
0_0_100199833_1_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_1_1600.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
b8bc2b0c3cefbfe12f3fa652082bf50cf410c188eb00c33cf1fd158d349acefa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:05 GMT
server
Apache
age
8
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
51322
expires
Fri, 28 Jan 2022 07:51:41 GMT
0_0_100199833_2_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_2_1600.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
4bb51ef7c4c8f46e4a26dc7352da4f084ead0ff11931c0eaa7e6686ecf6662af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:05 GMT
server
Apache
age
8
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
74087
expires
Fri, 28 Jan 2022 07:51:41 GMT
0_0_100199833_3_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_3_1600.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
115a0b9f6e83e14fba30797e97df2fc5bce3d2ee03755aed21ea7d983e22c941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:06 GMT
server
Apache
age
8
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
66303
expires
Fri, 28 Jan 2022 07:51:41 GMT
img-frete-gratis.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-frete-gratis.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
etag
"174a-5a68fd247ac80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5962
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:41 GMT
img-troca-gratis.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-troca-gratis.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5141
expires
Fri, 28 Jan 2022 19:51:41 GMT
img-payment.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-payment.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
etag
"155f-5a68fd247ac80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5471
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:41 GMT
img-qrcode-app.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-qrcode-app.png
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
de57e553119f7333a752226c60c6c16c3fadadf332928aee6e4e2181642ae361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Wed, 25 Aug 2021 17:36:10 GMT
server
Apache
age
0
etag
"3dd2-5ca65afa07832"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
15826
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:41 GMT
0_0_100199837_1_1_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_1_880.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
cb2bbeec8eebaed8b14c525f1d293f824016b46c1df016710737a7dfc0711907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
61901
expires
Fri, 28 Jan 2022 07:51:41 GMT
0_0_100199837_1_2_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_2_880.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
c54adb030fc52ff4e772349c8c177258999bf2e0b009de0f80ff347068d407a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
43613
expires
Fri, 28 Jan 2022 07:51:41 GMT
0_0_100199837_1_5_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_5_880.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
a5b6a9785aafa7a787e2cb2703ccd7616d5410b1a7b4132dfc675d0651d14096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
8
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
27297
expires
Fri, 28 Jan 2022 07:51:41 GMT
0_0_100199837_1_6_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_6_880.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
ebc8684d747ecd45128ed71c873eb6b02b40e7345bf07a1a73f6ea1ce3c12a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:32 GMT
server
Apache
age
8
etag
"6107-5cf7d698a8366"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
24839
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:51:41 GMT
0_0_100199837_1_7_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_7_880.jpg
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.190.70 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
683dfc6fcf043d7cd24d613bb25f2ec8ff0e5a6363675fda883073bdd107ef72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:41 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:32 GMT
server
Apache
age
8
etag
"5d02-5cf7d698de2b0"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
23810
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:51:41 GMT
collect
h.clarity.ms/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:51:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
syncframe
gum.criteo.com/ Frame 7508 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1957
date
Thu, 27 Jan 2022 19:51:41 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
/
www.google.com/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946508691/?random=1643313100312&cv=9&fst=1643310000000&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=1035531979&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946508691/?random=1643313100312&cv=9&fst=1643310000000&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=1035531979&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1048808556/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048808556/?random=1643313100315&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=355591890&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048808556/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048808556/?random=1643313100315&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=355591890&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946508691/?random=1643313100313&cv=9&fst=1643310000000&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMdxsAUMlzaUVKEwqG9DR9OSxnbJ-_j4Co1B1Z0dw7J4mpoQy4&random=3393000409&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946508691/?random=1643313100313&cv=9&fst=1643310000000&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMdxsAUMlzaUVKEwqG9DR9OSxnbJ-_j4Co1B1Z0dw7J4mpoQy4&random=3393000409&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1053199656/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1053199656/?random=1643313100317&cv=9&fst=1643310000000&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3048866808&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1053199656/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1053199656/?random=1643313100317&cv=9&fst=1643310000000&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3048866808&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 7508
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ecosweb.dev.br&sn=ChromeSyncframe&so=0&topUrl=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=5pUSZHwvdVl5K3Q1QWtsQ21ibm0zd3FNWDB6aDRmbk5wVzNLRUI2aFVaQUVlOUV6eXRndWx2QUdndTV0UFZyVEJ3VjNabTF4MlUrVSt1SG10bGoxZnROQ2lTV3JVN1RxNVdIT3FUZVNIUjNCbHY1SW9kSWJTWFRRY2lOcm...
441 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5pUSZHwvdVl5K3Q1QWtsQ21ibm0zd3FNWDB6aDRmbk5wVzNLRUI2aFVaQUVlOUV6eXRndWx2QUdndTV0UFZyVEJ3VjNabTF4MlUrVSt1SG10bGoxZnROQ2lTV3JVN1RxNVdIT3FUZVNIUjNCbHY1SW9kSWJTWFRRY2lOcmo3eENVekE5WUxMUUR4Zmw1b1JDZ2pGTXFTWlJNTnZncEp1dGgwMEFYOEY2REpqZTUwdlFQZkY4ZEtZL2FtYXFwSkZncXY5L3IySElKM3czRVYxdWllVlNZTXNySklQYW5ybm12YWZmZ1N2cEF5TkQ4SWhBbXluNnRuOW1nUmFZQjBTVWR6MWNydzZlekdIR2hSSFVnNzhHbTBxWlVkUT09fA&cppv=2
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a31b33938fd079e645c62d8bbd3a652ea5156d9a0bce1bcd5ba407182640a32b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4296
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:40 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=5pUSZHwvdVl5K3Q1QWtsQ21ibm0zd3FNWDB6aDRmbk5wVzNLRUI2aFVaQUVlOUV6eXRndWx2QUdndTV0UFZyVEJ3VjNabTF4MlUrVSt1SG10bGoxZnROQ2lTV3JVN1RxNVdIT3FUZVNIUjNCbHY1SW9kSWJTWFRRY2lOcmo3eENVekE5WUxMUUR4Zmw1b1JDZ2pGTXFTWlJNTnZncEp1dGgwMEFYOEY2REpqZTUwdlFQZkY4ZEtZL2FtYXFwSkZncXY5L3IySElKM3czRVYxdWllVlNZTXNySklQYW5ybm12YWZmZ1N2cEF5TkQ4SWhBbXluNnRuOW1nUmFZQjBTVWR6MWNydzZlekdIR2hSSFVnNzhHbTBxWlVkUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1495
content-length
541
expires
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMT...
  • https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMT...
7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMTNrTk9EZnVwUTFVZU42QzdqRzV6aGRwaUgzbEhmZGdFUWglMkJjbVJadGNWMmdZdjU1QmxYYnlBVEFPUm5Ndlc3NWNka0lCUWNVdk5xU1MwNENEU2RIUE1zJTJGaDBjeiUyQktlMVNCd0hhJTJGVSUyRkpPVkU5QnVGMUtENUZBJTNEJTNE&tld=ecosweb.dev.br&dtycbr=42181
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c357f0313e05e270d401ed476c0fc87d34ddf0cfe3c1ea7cf30f9409e81681db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
13126769
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMTNrTk9EZnVwUTFVZU42QzdqRzV6aGRwaUgzbEhmZGdFUWglMkJjbVJadGNWMmdZdjU1QmxYYnlBVEFPUm5Ndlc3NWNka0lCUWNVdk5xU1MwNENEU2RIUE1zJTJGaDBjeiUyQktlMVNCd0hhJTJGVSUyRkpPVkU5QnVGMUtENUZBJTNEJTNE&tld=ecosweb.dev.br&dtycbr=42181
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2973651
timing-allow-origin
*
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		79 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=817857336881988&correlator=3729604044980223&output=ldjh&impl=fifs&eid=31064553%2C31062930&vrg=2022012502&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=70779096%2Chomedesktop728x90%2Chomedesktop300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=728x90%2C250x250%7C300x250%2C250x250%7C300x250%2C250x250%7C300x250&cookie_enabled=1&bc=31&abxe=1&dt=1643313101262&lmt=1643313101&dlt=1643313096010&idt=3525&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C409%2C675%2C941&adys=2215%2C2227%2C2227%2C2227&adks=1387136263%2C676727686%2C676727687%2C676727684&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&vis=1&scr_x=0&scr_y=0&psz=1600x8%7C1600x16%7C1600x16%7C1600x16&msz=728x0%7C250x0%7C250x0%7C250x0&ga_vid=2103211196.1643313099&ga_sid=1643313101&ga_hid=825351527&ga_fc=true&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
03b52fa0a6a53d3710386ac50493130ca0c4c1d767563c099d76b658d120e1f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26749
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C51C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 27 Jan 2022 19:51:42 GMT
expires
Fri, 27 Jan 2023 19:51:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012502&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dbdd3b1e6820597ce86f09f7261b33b3c49796a43fb794d747c7dbb2a1f3b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8998
x-xss-protection
0
demconf.jpg
dpm.demdex.net/ Frame E19E
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w
Protocol
HTTP/1.1
Server
63.35.20.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-20-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v027-0bd097a96.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VqTEpTIuRxc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v027-03d99afdd.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5MeDShI3T18=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=wSVrD4BYhlGw8ebKpPhJ3OIL3NDpYS2w
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E19E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay10RjlvNFJJY1RnbUgwT1FoM3huSFdhN1lmNjY3Wmx2U2VMOWt4UQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
244769
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Criteo
crb.kargo.com/api/v1/dsync/ Frame E19E 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.106.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-106-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Krk-Reject-Reason
consent
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E19E
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.as...
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7702134211281910669
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7702134211281910669
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3626744
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
19baf0b3-af42-4e21-a032-3123f7d33b0d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7702134211281910669
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame E19E 		0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-kc2_lxIcTgmH0OQh3xnHWa7Yf67l-hZI0RFj7Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Cache-Control
no-cache
X-TraceId
2dbc7e85fe098ce04c478fbb1826bd82
Content-Length
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E19E 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-OryAiBIcTgmH0OQh3xnHWa7Yf65VsZjNDwUuxQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13635
tap.php
pixel.rubiconproject.com/ Frame E19E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-g_XJURIcTgmH0OQh3xnHWa7Yf671dYuddVyXCw&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
match
ad.360yield.com/ul_cb/ Frame E19E
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-TF3K_xIcTgmH0OQh3xnHWa7Yf64LHI2PRkqJCA
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TF3K_xIcTgmH0OQh3xnHWa7Yf64LHI2PRkqJCA
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TF3K_xIcTgmH0OQh3xnHWa7Yf64LHI2PRkqJCA
Protocol
H2
Server
34.255.158.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-158-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 19:51:42 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-TF3K_xIcTgmH0OQh3xnHWa7Yf64LHI2PRkqJCA
date
Thu, 27 Jan 2022 19:51:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
ads.yahoo.com/cms/ Frame E19E 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame E19E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EEwNsxIcTgmH0OQh3xnHWa7Yf65tNQv_3Brufg
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EEwNsxIcTgmH0OQh3xnHWa7Yf65tNQv_3Brufg&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EEwNsxIcTgmH0OQh3xnHWa7Yf65tNQv_3Brufg&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-EEwNsxIcTgmH0OQh3xnHWa7Yf65tNQv_3Brufg&verify=true
date
Thu, 27 Jan 2022 19:51:42 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55945/ Frame E19E
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-wIxZOBIcTgmH0OQh3xnHWa7Yf65p1doz0whjhQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
date
Thu, 27 Jan 2022 19:51:42 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
contextual.media.net/ Frame E19E 		45 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-JpfSgRIcTgmH0OQh3xnHWa7Yf64liE1R5hiZ6A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 27 Jan 2022 19:51:42 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 27 Jan 2022 19:51:42 GMT
/
s.ad.smaato.net/c/ Frame E19E 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-Rfo0JBIcTgmH0OQh3xnHWa7Yf67k59UecMCGYQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
vWlTz2V6Yj9LSPowBGbi0tNumuNw1nET2oMrMZ56hDB5jrqHnblQsw==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame E19E
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kKD8oRIcTgmH0OQh3xnHWa7Yf67u9Zr47-MBqg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kKD8oRIcTgmH0OQh3xnHWa7Yf67u9Zr47-MBqg&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kKD8oRIcTgmH0OQh3xnHWa7Yf67u9Zr47-MBqg&expires=30
Protocol
HTTP/1.1
Server
3.121.107.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-107-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-kKD8oRIcTgmH0OQh3xnHWa7Yf67u9Zr47-MBqg&expires=30
Date
Thu, 27 Jan 2022 19:51:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame E19E 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-8hx6lhIcTgmH0OQh3xnHWa7Yf67vOzFVb5BVlg&c=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
rum
r.casalemedia.com/ Frame E19E
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:51:42 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Thu, 27 Jan 2022 19:51:42 GMT
spp.pl
sp.analytics.yahoo.com/ Frame E19E 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10000569
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 27 Jan 2022 19:51:42 GMT
/
partner.mediawallahscript.com/ Frame E19E
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ&custom=&tag_format=img&tag_action=sync&custom=&cb=10fe744a-a8f2-4f0f-bae5-e35e078...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=10fe744a-a8f2-4f0...
0
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=10fe744a-a8f2-4f0f-bae5-e35e0788e0d9&final=true&reqid=8cc8a3d0-7faa-11ec-889a-17251f303e01&timestamp=2022-01-27T19%3A51%3A42.477Z
Protocol
HTTP/1.1
Server
34.254.114.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-114-92.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx/1.18.0
Vary
Accept, Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/?account_id=1043&partner_id=1048&uid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=10fe744a-a8f2-4f0f-bae5-e35e0788e0d9&final=true&reqid=8cc8a3d0-7faa-11ec-889a-17251f303e01&timestamp=2022-01-27T19%3A51%3A42.477Z
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
294
Expires
Sat, 26 Jul 1997 05:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame E19E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
t.gif
cw.addthis.com/ Frame E19E 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-tF9o4RIcTgmH0OQh3xnHWa7Yf667ZlvSeL9kxQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:43 GMT
pixelCt.tpmn
ad.tpmn.co.kr/ Frame E19E 		170 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-hS66cxIcTgmH0OQh3xnHWa7Yf67neIs1hLD8pA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:41 GMT
content-encoding
gzip
vary
accept-encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
content-type
image/png;charset=utf-8
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync
tg.socdm.com/aux/ Frame E19E 		43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-kBLQRRIcTgmH0OQh3xnHWa7Yf67nJSwaMBYn_w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.49 Shibuya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID
30
Date
Thu, 27 Jan 2022 19:51:43 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=k-kBLQRRIcTgmH0OQh3xnHWa7Yf67nJSwaMBYn_w&proto=criteo","cluster_id":30,"gdpr":true,"ipv4":"0.0.0.0","key":"YfL3z8Co8X8AAF2QWW0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40273"}
X-SO-Ads-Time
3
X-SO-Key
YfL3z8Co8X8AAF2QWW0AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40273
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
a-ad40273.dc2p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-IP
185.213.155.162
sync
adgen.socdm.com/rtb/ Frame E19E 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.4 Shibuya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID
46
Date
Thu, 27 Jan 2022 19:51:43 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?dspid=23&proto=adgen","cluster_id":46,"gdpr":true,"ipv4":"0.0.0.0","key":"YfL3z8Co8IwAADyDWhoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40315"}
X-SO-Ads-Time
1
X-SO-Key
YfL3z8Co8IwAADyDWhoAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40315
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
a-ad40315.dc2p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
m-ng40.dc4p.scaleout.jp
X-SO-IP
185.213.155.162
sync
ups.analytics.yahoo.com/ups/55945/ Frame E19E
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-YKCcXhIcTgmH0OQh3xnHWa7Yf66K-valyV6nZQ&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YKCcXhIcTgmH0OQh3xnHWa7Yf66K-valyV6nZQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YKCcXhIcTgmH0OQh3xnHWa7Yf66K-valyV6nZQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YKCcXhIcTgmH0OQh3xnHWa7Yf66K-valyV6nZQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
date
Thu, 27 Jan 2022 19:51:42 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55945/ Frame E19E
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-YLJSNRIcTgmH0OQh3xnHWa7Yf65g5ALJNMQ8JQ&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YLJSNRIcTgmH0OQh3xnHWa7Yf65g5ALJNMQ8JQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YLJSNRIcTgmH0OQh3xnHWa7Yf65g5ALJNMQ8JQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-YLJSNRIcTgmH0OQh3xnHWa7Yf65g5ALJNMQ8JQ&_origin=1&apid=UP8cacb855-7faa-11ec-8703-06469849d4ae
date
Thu, 27 Jan 2022 19:51:42 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:42 GMT
397596.gif
idsync.rlcdn.com/ Frame E19E
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=KU3AOV4VtaBsYVrfFPfrbBeQzFB83SFH
42 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=KU3AOV4VtaBsYVrfFPfrbBeQzFB83SFH
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=KU3AOV4VtaBsYVrfFPfrbBeQzFB83SFH
date
Thu, 27 Jan 2022 19:51:41 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2911
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
container.html
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F480 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:51:42 GMT
expires
Fri, 27 Jan 2023 19:51:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A036 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:51:42 GMT
expires
Fri, 27 Jan 2023 19:51:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B5E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:51:42 GMT
expires
Fri, 27 Jan 2023 19:51:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012502.js?31064553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:51:42 GMT
expires
Fri, 27 Jan 2023 19:51:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
setuid
secure.adnxs.com/ Frame E19E 		43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-OidKyhIcTgmH0OQh3xnHWa7Yf660FQb5Wxl0rg&seg=95287
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
01b9312b-6c79-4bb5-b9b1-4c6fdcc26f2c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
spp.pl
sp.analytics.yahoo.com/ Frame E19E 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 27 Jan 2022 19:51:42 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame E19E
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/fqym4wWfi7D3YAKAn5GDJRy-8TAmie6T/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8699888316075650538
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8699888316075650538
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1892045
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8699888316075650538
pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1FAC 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVFO7Laza0K99mnEeGfQt9X1WxMcjI-guWiznwxmXPwekFweFQ_bpznSRf0rbQJsErm3de9g9apTz7VxwXFomLM1XDC_7UHVpEKzH5aDi-0IF3hSimWQ3gOP8RMnPA0tpiwOnk7LQ4Sf1_7ufIb9VJju78PLWAg6e8Hf5oY--VWnpFi2MY
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F480 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A81sNORD26O3yYhxzRQ-OJ9csdma4EqpJGQ9PcMdtgsbrkFL-zH1g-c9SpayRnhx8Kn0fluZIQXUFOvqa0vTWA8ESamZp_bnauh2S3XG_z8xvyiZJ3Sci3tjETSkezOujUQBuU0zUv4FOXWpdYetG1GqSckg&cry=1&dbm_d=AKAmf-DXZsTy6KRWl1D3aqTmRIe54KhwOCfVHow4eiDXAsFt4TD6hgOQ0l-Ur311-S0ZbaqPw3YkiAauIYHsvFQK7vf1UQa9nNtgBeKtDbsqlsTm9qaZ-GFo-gVKv_KH6Vm3iMWzQLrabukzvUHiZV5eHx_1kwv5eo0Xv8rE_TpQE-FpaRD1vMdl5gphylBCr3GfwftySeF1ujN9MPNVLdpEOSaks3-rlwkwsdcY4PcG1aM679WvDapLjOO2StCmyHXdqd-hKZCj8owEHqRbwT7tvpHW8EkeiPYlMESZzA5u1Mtu7GhH4qS7ziY3uzpC0ybGJyufNhk04of3kOcXW6YF9fAVHLrfnVLP4J5KNu7_7ixmxX22eKRyf4mNQk-kh-YkG-m2ArqqY-Q7ccl6vsap7L0jZ6htOjRt-5qn9zoKzzN8oRdGcKDptm2vzBVTDC9otNNiXQqI4IOP0l1OiPrN_UIBClTqrp60gY9hB7v5EGuxFEBcCHDHuhONwxFLKI9jLpZbY7pjXJfry4I_KJyniOcZE7EegNkH-HjiREm80KcgbFFWTlzGM6a84hfZ4WUv3BoDAi8OqAnnVDl5TWKwlbuDNQf1I4LfQM2xwbtjcqEVmGl4-SF8-YqFqtqcBukieob9PKLjDRlj6iZf47YxmWGAlhwvrv5lxAsxoQZeF4m1dHYA4VwXsL2wie0kDdRFssBAYpETxMCIHzVycAqXWMloswcLDtrcnCPCRI397x3I0henIjSyiFb2Q9sJNRkXAYR3zEENO5A6vXLvq71658nrV9s8oQkpheBtN9sZnycYAL6kCL90_jqqn1lA1_Yq1hr3XScY-Sj_S9soAh84v7O9O1yvB101nfbyEyf4PJLINDzfVqgMoOwReYstxILiQ867xskDx3N0UAnHyIoWUWn4HxSuAriEQ5iZQVZJ4XR5RoNKOeoMS0lxoLK3p-uYw0WtQJJ8rdBAV_ol6cfc7yPR74J5p9dtroLHD7FRo53-enP6i1281EWTzJt977fO6Y8_KXZyQrEYWtrRqqEXzHm8WlpRqBLMx93Tts2paa0TGFpRG7qBSV83nptSO8h_1luk3ri5xzzjrVeE4S1Fm0OINdchqvlMeZRX7StUye7O8TMvKq-BozOxi0lCAdBuIlOJ7liYsM1XM-4jKTuZ-rpyh_Vq3k-9edhCqcEJHGY_NXn8WHrVrxn-HMp7yFqjW6geCXB8WRDVD5lFK1bHjHHhz6JhKLScZE2KERwlDIOB-eBhTJE1VcvZjiJo5DMZi9LpiQfjZ4GOJcf75T6Oc-AN4IzSxGqQKFOhRsrpCOr-xtuR-tIsaf5EyTjNyCPoAMAUe3X-SpGZ2FG8ytrmUx78Gd6gydQ7qmIp-VxMNLn7ciwDzcFBLYPEScS3cphXeCgU4Giz9S4pVJFkCGcrqAZ-i0KACSL5Aty6Jl_dwg1-0xR2RYhWIEcdvKnNoxOpwMLRHJCeeSOiaZ_Qd998AcQ9cf7lJYCW6E1-n1JDAGEO6Kf9oYsVXWx6pK81KMxVMrfbZKBvuFW7_wyI45OC65y43_AzvmU7MasdTh7axLqNMLRE_WAM-V9ts7_hgDjnQ25v17raPi2EGHBd-EtQzRBTTUpAiXBy9JNEp6RZXA7vT06Gfm875trGhi2bOVAebpzfZElIfxFhRaDQjDE6yaqez9H_zvnbWhjZkvB30JElwOhQCvGx4pUUTjc1F0XZbkv7qNbwr2dAaa5fsgzEU15savraXmCv7ufP2KKeQOSzG6fffgw0_YhDbwPUGQhGZ7T3fSNF-QynzxITYq67OTfI3OP41zGH6YnUlT_5751oGSDYpzhDkxynXibZePDyLwxdSZp6wUaFXrs6x-otakU17O5q5YEiHHinL61goAGZ0KxZFHFM_19hEIbnDwFkPxQgbWJR8NR-o0xfps7F5QZ6VEYp_ebknRmFEq_9SCsud5dd-Ply9LrRGn0OSU8q-gB05Ppylr9nmdizXdijHrtkpdTql7yWvcMkeE8Us4fC8q8cfxIChMMj5mX5s5WYHG82NvsDajQ_4GqV6TgeunRPfJIltMPBmk2aVdyQ0u6yH1vKvHZR-C1dKFWnDWhHr4ZYf6ofnLOBAGuiv5cd1_Uii1n-T48u9wPAHNhDK2opW3PoqZ7CqHsX3c-TDc_P04pUXHE9Lnrp2SW0VieydNKUTu4LsJtNOMZJYYfl5zhh3SuHABUs1gyKHfo7SxEwyQ8sYz4JKz01XeDOZoVpnhKwAZ08b99vgAWHDP3oMHhecyXRpGTaDj9Jd2EwKjaqockCFoGlmWrIk0QmX32ExO5WWwhRTxi2SzgBqRoJY3r_a1p6eCZHrgE1RTvc6u1StweYtkruJ_JKFi9xdJ6pYyY3yy9Y7OKjw_aPkFba0ZV12STmpH_1cSYTT4VfvopcS6yjU6tsplfhh3zFi-wHk6gojxY7rftDfvD7_vp5Ket4gXPaKJjjQp9wZKrNDco0ojSKfCoQFMSLcaeFYRbCGGLOL19AaXYv80NPq4e2bY650f34s6Ow7aVEps1saeJJkPQAMBhcSNVmxzshM09pkyZ88HIywUPDcxoCe0U6c4UmEvYKNseJGTZhzRwqKtA8f1Rg8ueuAS2LdgwAAp51-r712Te11GvQWBpRTPyRReHmCi9NI4sJCCrZsmt5p-CA7PaeOdhf_B55Pm4S7dmB66nqHlxlC45JsCfr-f9l6iO5ACELNMISAUdXHetzVImZ0BcW-jKrO7LRx9O010VklZ-W8ZBK6_L1UrCknh1s91q-Z-13ZPnjvyRd7djyEjq5xCjSxRjKrOfS-JPUrIf4i_2mXppMd-4WxWT5lr5Gdy_JbA9Os2ornpfh_hTydjlgoDuijDdiGs9_R8-bhLGqcqOb5D03dSiV1i2eRPhE3m7MLCwWmQxFF-_Kl0cl7zNoNEfRTodMF0NgebpEfOosSlpJvQI-RET12Bda3ScxgtaI-LSHFRYY5hdNo0lupvFQ2TIt0ZFeU7TiOYWb37C_Knc_chm4ZOsOBlzz8XK7GTphM-s252hGYWzlNI6d9YoJmglbYl6ScybFF90eZ2X94ylKCS3Ww0fF1kkXtIw5WwUYB_wTAA1jog299-57rZ0gXrXGixLe18QPPCvHN_hGlxNEvEnXtHbnVnVC8ocjnAj-_vhBQ0nXUd_R74QUUpRGlZOGevtL1R6Iyz1tWCLfbLcgT8C1l2_guKrnsWwdSM-PFACFAeXFlz1gYxuQptsJ6uPnGtYm_TkN4VStPSKIalsZrnVFsR1RzXyD88sv_xDQcJeiudrTB1YCKVtExPBWmJYGVDlluG3zuQpwdhmylFNsc0aZJrrOetXaLSyjl1RnKq2e5ew&cid=CAASEuRoLnAAkDQSe73Ywxf5KBZybw&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be13a678b980db27e6cd288d7c01b618636fe5e2a4e48de11cb0607333df8c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14558
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F480 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CzruCEOe_Pt19BKqQ_rlgcC0Uu2o0ZP8u3aTfMbgcU8jpPMV9vAnrq1_V59llxacXidFy377toQMDCCM8byad3nKiEr2-vcjWM-hZa2fVjWTkzcpM
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame F480 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:33:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F480 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame F480 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:41:34 GMT
l
www.google.com/ads/measurement/ Frame F480 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLPRHIotIrzyfYiCc78Jfv9Y-r3dzxtv9iuT-rAm-sUzMbAUPs4pkShCNVBMIQb04ZO-EV6y2tqoEEfCyTPUv3lcdnjg
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 07E5 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXaO_asT67lJF0Qp_aQJr9vo1rZ2X0inThTMC7SjFXiKdox0EK0YMsVd9p2ke7wpCPacJ9x_H6J09QVPuVyrOVeeTSUpJF83JWfKg7dOKdjJC3lyRJpwHSRAsZPbJXbCLHeg9gibtVzQtPXH6e1nU5Am5NCf9gqY_lGxVS87JRF8Za1Efw
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:42 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A036 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6WL9RUOEDEAvTi0Zah7EYO74E3v2ak7U2SFr1QRqF4QIKM-HTLG0c2SivhAs3OuctulwnMDSdyyVDeFXO6lcF4T5NK8yBCdpwo53zovhfSHLzmThV1ruVEpzjfwx1PVAw_0Dp2S6XH__qPVrw5LTyVOMZsg&cry=1&dbm_d=AKAmf-DkdBb7e35qLMAG6vyFzQ26f9QnhyZba228x5A_yQSke0Jztb7Z2SVQsmadQm1Y5cdwXKdbPPhR0ArVkBi6_LZjNYK_OjdcMQNX9FCPsklJJrC5m2mckIsdYaE3PdFBicifhU8VRJjbyu6eVKbFvMcppOulmtLgcxB6B1K2Jf3OP57ZfN2hnpuiIq1Z-pD3A8dqFEFFwbdA9rswJl9-XmQl9-BC26Uz90LpA5NeGGjjAQ9kkclBsFrzHxwBIJXCBgL2ZKf_0ikGQOJMzzrSuRrANRDb8T3QMp6ALWwciPiXHpXXlqa8CamTC9wLzCeUxk8l75tip-IWJv4woEYcN74nlgEi0k5y5wU3FGvGs3PiHo3PAaFPBrXfIgzSyloK61kYZAEk5oXAwRMdt4LzUqfo7zk5adizzvBEN7W8OqBYT3NgnwpuJHMLIY1YBtzy6csz9XwKm5uBMPOx1f1wadW6frEl9vE9Pz1m8VgA3EmS0dq7wtdYSUCV7G0pHaPxtglxjTrwIRL8KSNyKSm0Bo7hMGRMfhAO9-d2ET6_qaGDjuHDHfpU4d7NsLhCPaHoo9IkkuW6GjnOCjKdJbXqPVeeK9U2QH8tyttalZrYfI9zOBHu8hXEveUPcrJbFrGkHQIhiQZFm48qbF6thH09Y9rSY3cQTaU8-UPAluFjyAGLH9HYGXgha_LcLIcjQNUA08H7y-62oaWvsjZFQ50xu-OzB2qRnZlnML8W_9-6-9OBZDchNvlToK7TKkjWpu1NUVyaMZj4zxLl0Q1XaA_Pz5efOmjjeatryyU3dWAXvXELQ-s2_nC_dVYae1hHZTxyMiUtgeXhn0UGAtnORA8MkIpBxqmEPBa_sCYGwTxdcBPNEkzTwoJDSaMWSNEYq628LMsZ1bQiz0HOkGK6tG1mEKnI429BjuHpTi-qLFO46YJ9fej1a_7MjmMtx64NqMJCnjY5CcAPHaPhZx6C7KtnXJOGVlpb_EypHR3PgbnLi95IkRuVKxcTeBPHP-q3F508ShCdLushxNxG-XddtOnSijZW0Zva9Q9PPJXcdO2QksMsMk3iHhJ7P7mhdUGrGbZ5_hKUIBGsC8t_SpERadNIipviq-X-INmjJy8U6T6ofnOmzk1QGpWTuAiYeGS9Rw7Uqmt2LzHVbdksfb1QhYhQnjS4NspUeT8-fyNko4tZXz9RkkyHctEQG6ZXTFcosmOuhiHW52NC4mpQQuA_5aqRP2TRWiZ_JoD3dfBI1dTgwwfyHa7F2tK_Cey7IQeG0haYXIwLEoZlNfL-J8SkbvPxaNmcwpL7xMHyM4ZkjlQwFRR8CqC0HawL34LmJJM9M1az2NbE42ZWB5sVSQgqWMBnw1-V_kZD8EjSbdMTErsDmOj9u4MmxvsArzV8qO-ENPy4GdL37Rb43ej5Xgy4tJZdI_1qGHfTgai3UVc_IKCtbnix0WSFZgXOec86iL-10U_F3_2zittwUnRDAp0bDUIGY2WinFboJhaEFZRzeAii--DX4Q23OEyG-sZcERhnbnqBRyUhc5JOjKGttiJn4f_aUja_UyEPpj2v_kFIvFMwFEgeVbjXhuWRgIyw9VY7n3RBTKCvt0UJRMFeY2OJf31jlh8_k3Q8eQJksQapnJxUixL2VOs9kovH4dd_azekamYIoj8BFgdCfeb1hgTJTneZ-mtO3oiuJ_PIfdqRTs2H3uMBlxyp7rS6clzR1ZKiRIn3ccq6WGXDRSBnQL5zuwK96Rdx9PewKlHSzPx1tSSByLc1LkTlIRPMDYGGewFC53ISpCDUarRQOeJ-8sNI-sPKJwkvX70EqXK8n87H9_f0IFpHqkrdyFYTFWjCCq0-N-ei4yWG-s9uyyFD7e2KPhX6AvXWBMNxOURl0lx0XKzF7mCDcpMRHPead90GT3fSXWwd_TamP2aKET-LcORc9ARvKKDa6JyNp26z6eqVKBcdIM8rrGL4mHq6ucCUcaOaN1bzYGZYayOTB4gQVPQ-9QrdbjEscJEOJF2vxzpg0KjFDUeLTe05cvr2nw2BNbub72eJymjmmt3_zfX6BEiR1dU2-XF_0ZjS92HGOHFKJ_1JUi456NucoFj2VjdrRmPpc8TaQVanW9KLiQr81HzunFezOgky0TDzCMBOo1By4uGTxHfvZvka3ErtGPexIU7zwyiVNOQ3xsBTzF3M_Fb1a5mCvMvNGjHJz6Bhx3w1ArpJO1u79kAsF8ceKB8N1iBFQZ-uFBTA1HBo1y-z9MdCh9nZ49shu422yppGJ-iZsYZtmfz1WSmAjCFOkMNviUFdgsEDwEnv8RL73eclF50DKq-y5HDN5rozT-Y6lBgK2jC9OVy-lNZBq7WB2O7yTudu43IsALLYeFosIRW1e86GG571i_9WDBW1UFLSsWaCQduEj1UXMKfde_VkmOZ8b5ULS7pDy2Y0t-fD0o0BQqoo1FOaQiiW6KfG-CLTFGRBkjTALv_y2xGamAtnLqkegt4MyY_4iUAKYbw2ej8QEGUVLKnfEYZBNOcu1jVLkWKIbJWIpcxFUeKTrYouFqppL15JABuAesUV4YEVligPaRb6j99-dwAwrC7wj-TSC_9KEjZBxYrSzqhxkxzgO0ugyBgQOYfCdfKmJbrI7fJr_Ae-jvvWFmexFY5A7soYYQWkXZQ3b_AjQ6RLX1929qrUEoZysxRl6lJJDrW94G-1LGsFwelMUSwda6DldOe-p5CPBUvSJpScpDU21T6xvjxDryAlrwL6eXH1HqrDjyJGXzzaFLnNiGss1EvlKomvjEilBOiYjPj1wh3gQQ1k7aQ5aq7IhfXwAcoe0qmbZrD6-fSme2doaUNLk4icGrGmSje10dDb4hjcxm0XziLhHUaGH98_toWokkOVV87Y3jpELmZ7Q5LxPJmhOBLZirzRvjkj2ChTuMEDW-Qt3J4kTSGkXRZbiPIR128qQfY002p7cdzr0j5yjJOvcwmNVCT7Ewb8XNIZzLzo3rOgRjhcThD55NhiCtOhvUUAiNR26T6_cznl0tKpRCLCgaVT3AguHYo8cF0PPKZR7MfozxKyiVPBJoBGHr4LuyMFv-e0xKYjAl3GECtfzTjWFyCyBP1kkltm40GvPNxtAc5PXlu1up2fBO_KB1LGT_R-vbTKcrsd-VACUYa76bL2eB0Uy4wuMbMykZEa4AVCiAQcjuxgAn9IvnDWwKGwe0z1EgIfSBp3H_pmtszhJR53mfm1mq5U0f4uNN0UpmxTVIUIHLrX4RDrK1OlwwTVxZrOm_QxaCWq7BeHXEsW_4VuiNhdapJQ493dBf_TyzUBjf_6IafSawcv0yaTAZxXbYtL33KeBTgdsx6bz0SKHcCmcLwJTQ&cid=CAASEuRoDPtqKqS-7bGY96v0pFv2SQ&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05e1ed9ef043a0a400cca00f86b34c3ba58dbd44ae7fc2a6fafca95c4f41788e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A036 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWEcNib0PeeUng5uoFLvYMoH7oyvQFQcJ06o-Tg9IDt0rh4Wft49FBq8rDwUpCclAKO582PrgPxyZfArIBU9rKgORoGFDAuPst2fT8ovlIjJ3WJiI
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame A036 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:33:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A036 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame A036 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:41:34 GMT
l
www.google.com/ads/measurement/ Frame A036 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxPsY5vaL_2FT7a-VOUogDvTcMINfhjjpt4wdExqQ2ERR2k9HwaNb_dV9n6xsNGIsmeBNfWQmICzA723Cc1Baqb3Ftug
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 07FA 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWZJmJc7tbugacpFqZPocuDQN_155pBUtRLb9wd5I0tD90TvZPEKcQlQhwRbjY93u7gB1lZO6Lisz1mIRdXhGk3R8smcxmq8Tslm7A3y7Xx6iocTx4fQeiq2FtjV0jQ9wvkqsm8ZYgu5uHNbTsEv6S9kDuZN_q0S5G8pOa0Lzg-KfBHIbI
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:42 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4B5E 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CslF9F2JIUvzKd30oOCbzNs5N4-ffR7j1wqrA_-lPn1-SbfLlsuGVRysKS-_JOwEJlo9XzQE9iMnd_js-YAR_e5PEWL36G7JfASKMhKtSO7JVbDWFdBNIFFx7_WINdrKf3p8-436LvTLxUAAzkhYpMMSVpcw&cry=1&dbm_d=AKAmf-Apck1X0BGVPxcVLMMs19IFjZjev5bTX5HBymuvvmJmjrxJw7LMYPi7f_5hDu_EFAl94DhMjZK2JBleFY1isdCxfFCgBEdoOoi8mvppCx95xp0Iyy458IcLMt8cfrZMmOaXmQ79TXloCf9A3UxxVBimPjy4C12KcpUj8MzPdAzOyRRvD4A8oWS8Z4aqMejZJlhzh45ScIDIQGul3E3z8RIGxcrBRUOH_8i3Mx12ZZhxNtydBBcQN5wVQcG-VRmLTAtIwiAVpVE-wP7Lr47Xnnx5wWbSIILaZibQnofEYOi3GJhtIhVhcjuYM3R8wsnMxXruIJ1zvLNIFlvVqdguH0vY_yyaoY25MYTzk0BfucT9y91ZssOyQO-YRqG7XLfUzaL2eEe3IjIwNBvgQ-gbtAq89KOT1saKovgqqafYpMFfVqY5YZ18EWU_bJ3tej73874uHuardm8d5YjIRwAv9IUyviqGeuv81y27dTFdvJp-FJ_Vn0xbxapBdYsVwWFDVjsdxAbb9Bc4bzSLeOqHUesvdIobcqOgIFCNWxnnbHznBkRqP6_rHJkSTiSGOpd6o4dBp-15NuPhoiDLY5wtSNNVZf15aP0rNXfrqeHikvIjq21D7A7KWvGYWRovX35653TLlbczg3TU-6rihZ3_5vkfBwJzgOc3qbBR2aIlAE97e1WnfBG4dWA_PHr1yGgyglOpwxnRQrMRZiRSOGrCloNljYl-svwZxtUgYH0LrmhinkF6PipjAdJVbtK37-EbpS097cQuKRf8oh2AkHfQx2QZNqDkFc5JFnzo49c1EKcssTKU_tt0qGRUAXAtMInZvdM8i1BRRNPCRv4XCpWfC0xpqyFgPWz9LpIIfLFzGRTPt6uPfR4AvWe7l2qDb0flD3p6HaLJxOMWw6W5rvBGtZR2QczVfQRDjo-yTP6D7W8O6IREv9dDG7munn3ZcuHNTrP6qwO0T-6mTEk-28ps5rDwu6TThe8d4kx7btIjnkEJa7VKHj6VOwmmBJzx9zSkeLjDP9hJ5ixqgNauU2qX5KWVaTpvtkL0ROe8G6WEMp_8v3wgj5WoqmNBNER42icVq4n1Nnus9FQwff7l9ndjAsMI_fyPLcPW_LJYmQspas9ZV2W-rMf0Ai8mJZ1lNGp1y7KkEhArNAvgp1Ky77mQ_20XmjW7TnM8suEtSH5pTybmIwkEKyc-DiHetWV43XxMOsRYWBsHGLrRBup_VQL0lPtJf48PLI6VMTkahF5d6aLBbKYfKPO7BzD1eu72Ylq3iHqis4nAqkMIl2t_O1j-iFBzuQ-xix65AySPbV82shO86o3MaqmRMLC0ieGMZNJuwTg4oZGb_HybOq9bOBzV16ZG62CHVQXhN1l_9_p1IhD_-5UvJ5qTfur0W-dyA8tQVvsXGIfZWKejTJ40Ue36hQvOqvBGaDULder4fzbGSVanAq95EJfnwnlv13nLDxWBSktysCZu4A828b_MLeFqKClJnbwdpy0CaFEzaEnXyBek4m_WOab8Gh8KsLn41fAzaEAC66oQ_X6c7NvX4WbmPGg3R1Ow1GQLQiFfKQHnWOq5CDGe8cdhQYsl8Nj4SdFAqguj9Fs6XimJ1M-z3CkNuws_BbxL3W3SPaY-zOGrCca05PnUDRrM8_IEtSfCCdojoWqUv8jBGP-wB_MHA6mb8l4usW_5OTZm1HahV1dHOwUr4bNkRGJ8vn1XLxdReUT-7Z8gE5lWw3vwfkRQKEF_MDi6zX3uRapvu5cpChRQctu65DQQfHeHnU0h0Ztb9SD1ncH2kf3SZXpUvQVTDY7cSCj2nQ53W6MAqtk3HSAGkvD-rebkdphC82XkL0vBsTCqjZnUi2ZSHdeqLJO_ir8aeXDHkbr74gLVjMVnDZbTXeU7Ue3Shps9ujh1PT3rbO8BFN3I982mKYV6i6TN31WmjFhROEr4vGoL2QTIkJ-kKTgxvShCXWg2UF6cNui4YjCxp273mMEJsCdWyUHmVQ1MZm3pmZqcsYwWR8Juvar70D4PS2TfPKIzgSqW32VxBx1bQY0zlvC63haNNIkG0Czr20g-QoQ3RAz81UMX_BB_q_h84x08rBEjMRKSxsLgc43KZncTMLVSMJjWVONSlV4LWrN-tXVhINOn4yN0JF5NU-mltMZkHCItDghht3HqhSTW8q0HXDHx4hlH5r5NkbTJPuC6pyFRl57-EzgNP42mrcpBStr99XS6R8z-c0I6WTEuXTepGt-JzNNW_efd1J1u2RMhbF4DnekLAJ7IIFcszmrJB8ZFPNwAZFD_Bu04iz0gH1dIteId7kUeIZbAKWZqfihSsgaMML1NpAAs1HdxyOS2I9MkbqKGK6wu5ok3iuk0vUkEdz_16yKReyb89OF8i7YL9cH7GRAYnXTamZdWMF-KjMJh76F0MY_ymMVZ3gm5nUo--fwmhmhe7VV7vJZ_S0sGwWliPPvanCNaa5sc2myfE0d_uiQWj5CLr5ZcqcKE4G_hJ34o_i5HYVVnNz_65oQ79AnbssKx5oiaj5y5wj9Ym7MQC3EYXKKfOjYfZHcjS0XFFhTmi3M_z1uschwsYqNxNjZKI-cm73KoZkanO-EROBuAudfEzT4nQR9INZ4HYQoS-U1PH7Uudr8XiHyqSZdivH-yUXuk0tLV1fISLpakBL6OZmsHg8lORbNjnT_bvAqWcuooz0HK0NmcuERMJIC9Ex5TzRov5xJ_onzp7fUSh2Zbr9BfkuZPHQ0NzMJVZKwjbp1DWamoHbFF2eZnk1J9jB4ejDsh0E59A2_DjpmZNAHEmh10NLEdv-N_fZrZkcSmC5mrtO4qgLG3F1nKRvjBLsQQW9QzNod7DH1xFbyt18fg1EOlfOGsntaWPPNgGre-JYzjiIYTA_kVOsbpZBlERu0D-66ESDHIXCHSdZGOTzbHd8QIrXgtRBMyUQ_C4UXUT2P8_av1ha-euNrhG7TR4exxxwePM-Xq26P8QaAw8BqC4iGv6SHGoPRxjuqUStcaTFe0AAgegIdbOZyrtjpdxH5N46dY5tGLlTeEysaszt1gPrRpqW8ZFRznwqA8Tcd-KcIegPceIZaSxCho5jeoDiPcSoaZqZFpwa7cfZvuzPls4Zw-XrNQodrX-1YGLThxSnmm7sYv27jLBeTNvN5d-tHHtnquAxex3A7O93xNViVJbaS8dzGI9R3uQh2XXs4vuYbAWRfHPuC4E10lAiF1xC7dLdQNad35koX30RP3VrX8uQQaZTMEqZiEaorbSSXv1kvr5QpMujX7i2m9wh1l0GWhU95HiJU2Arq76vMPm2p06xwA-E0u-R_IXgEGS6HN_hcVkHK4MU04cMI3ZodvE3p_qzaBSa9h4sX24A_prDy57mk&cid=CAASEuRocvXsL07lOHVBte7-iVCg7g&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1696575268ca733e457a0f2137208a4c499e2769834171b14252a17f71094cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15415
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOHbjW7F3E0rTuZnYxWc5q-W8-C9wBLPCO6HJOvH05Gr6fgv0nZWXK9GhTGRIioK25Kb7qztQtFCmjHE540izBylLik87XBVpI0Ad9NEidLiAG4tM
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 4B5E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:33:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B5E 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 4B5E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:41:34 GMT
l
www.google.com/ads/measurement/ Frame 4B5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9FEbijt6UMDLWukezn9J3diliqrRCIHS8kT6VRTQN3VsPIHd6n-FKnqwHKPYR3jnBRLzjWpuQGsUy7Xdah85AW8bZUw
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7D77 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWeHbT86GHC1HoH8XJNDuapRNj64WjqdXD-j1pnvRKSar60YmWWRKqiY-ciihpNAyQq21H2uOhwdnVWEXLfu0Q5teZO5zMpLG9nOrFp2KK8v2D6FeVcGEwXG6dJTNlXJ9G_Uq7IKh1p2_4KcyPOIQSidm-Y50zgGVNc700bcb61ynFM4ZQ
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:42 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DF96 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtuIBKucVi1LbOk9ZV53YTRm2oJSOBAd5G5OXOmAWSDxFL_xdmGoHk-cobTJOO1J8Pz0VealIg1qIXUi-ppGUTFdJD5hR1yXyA8xmhHIxNFHtwj5RzqRESUaBDWnpFpmIUxmC41yVALuoZ1NFx2wVGyr_xMA&cry=1&dbm_d=AKAmf-AFptNKX6UsinVZNlawvLqXQufwIYooEThpXMXYjW2hTWKPUqHFyrVuZtoJuXRYb_uPmqp7GmVnd80tqySSBofiYLqcNp_ua5vIQYcrWw9UvemM9moHNWT3qLWWh3SGXRDDmuJq3UljHNKlzROPnp4m3ApouxHgurEjSZJfQOU58osfEt9OjUCzRT2_x9f5O0G7GCU6l4GwraT1gPeIPF6GVDCTqZ2lSvTPg9-mWUQmSOaXZ_YQR8gBONNoEBOlFTQPgwfW-unvkfr-S7JR3ZFR-L4JWIxnjWWdkfyrlaw3AfckAIHxrn7p6uz43ohcedtYY7dZHfeL_RBPROiSxg5xhMRJByaSfKT_K3rVJryv91mhTwbfIYn0ZoDEYBbBxmTg9oUnmGK52RUfEI3MyWBLXSsBQB3MNT2Xau7rW4g4-dGSM-usGZW2TiKXZxFnQ_OJxLUGlEQtJ4PcgwxXS8ktR7YNMPFCYml_fY12ps1UeqcarW42VBITZQM14J1WFWh_jnolMZyJUpz_XPcZyDI6UcZNc4QwfT3Rnkju38gua0GYtG8I810IsXNtvPvtDf7CtlWW1Vew80w8hU-ldtL4lVNXdfAQBoLbcrHn6Naqe-aYTzUNsEvSbo6ENIOCEDsbpOUqUkDNC5LcyHjt63Y2zomWQQo9Q5YsqYIKI_VZpJvu1-PM2G-p7B0aOBW3-0DNgLDk9clRiv2WzoUOrRmNP7w1TuK2S4Vd0_D9PHYO6ihnWR_f1FXiPjmY0XBehsS4beA711THWaBHodueReh306n4WjLHmyymdn6kEh1KiFqwagzyCHDcasJTXr5AQitvBdDfnH3BykyOwSjrWVlZWT3C9HY9cElE4ltcAdyXjDKHs7ug14F8ATrhfyssRLUEl7G4Xrl5pnmNfAn1j_w0NFYH6cTmJQdlx862i9xgqGCoREGhXheczH4ZRm5eccZAwpoDjxJqMrC1b3Ki1BvOpoxkwlmPGJwuLCwa71GBAJfXVbDsQ8qdp6cpie5TlQKdoqb5BZ2WEr06eQivDVTQnCcWKydEul_WYRAtLyMKs1YtuemoJR58KNnZlcLymiHvlqSLJ3u5kcsyRJ4ru2stVo_MNRKmJW0jpAZTHVjtptxo7ytAMBqEmO2iWDgSpgzxmKg9Nq2FLcE4jOSxaw8PPnOMEXdW3sbltdiVl7RqIKYevNQCWO2_sapjZNT0aPI5TqR7ECJCCDmUCeFQP5ghSnLqQ85XS-VRjFOrFy6FwLNDX4zKkzq3ovbUS-1gOjqPYk0rsqBnZrqvPV5uauxyFh_OBth5QRFlKuvjGgvew1RvMguS0c2Ha6kOwpJt4w4WjKdWxeYzABeTAiaGw06LLzVoMlsZ7sxfAtl4q5KSWl8nHeyoJwvWRoB2ZEsQzz_uyGpgGuJCpfBRPO2RaAwbve9dHGp6quB1YBVhnOKgyb8_Amlzf0Agm02PZ0W_hPfgvjEfRKHO9fMQ3QrhcLh-SDG3OiKs5iykRTYnjEHnO56ENK-BKCtxnBT7RD4CTOhws-2UBSHpFnpkne3Jq-pIuOe9ZckbZ8FrHicz9DZk79hTpy-rIe9A1STlyGpXLKk2Rx9_PByAG2b9b0CEgoVlxFSpLtBAjaVN2jUUehxPfzW7pyre95HepNzYxEk_x6mpruCmz8mIjm29kXkkKSiL8pViAEvAYVLEdfLTP92Ic92s4wgprE11uSetFEwSjxypoyB4_G-u_tS6b7yM3q82_bHGGsaxgHxCQJskgEroBv_0ns-zkoecU81uA1xuiuDgO-j74AqzFoORiPP5_0tNgkxBdiRfkUQ8A4wtmPKaPFzIi1ctBgcGXBZcIa64GGvEK4W-Pm4NcFZMN-b9ttMnQt0moKVC6nsgfMj1V_QMw3R8QU2qO1jk2IYD4eWgrVfHN1ApS15ME0lEEbiCZYIN8RcaSuA-6L5zZ57pHQQ3ot2rM79oDeWMqRL2xpfFWLnzo3w64NFxEBz56bYi3JgsV5Yn3Xh3hhp9LQ9lzCb5g-mnt-xLAxvCpwI-bcRpIXxU10dpPcAJG-usMMHSHgPzg5zP6ThWYhLNbXfA7tb581XZkkpxzXvx8rwVqSbsxgibUw7-rvARaH7dgLDgYPEgG43E7t_dKiGHkPDdxQaV2Eq-HEj7V9x1qV0V7Belbu_JhkB3laC6aVzD3nUMLOVVrFt03KDv0G1nisLNb2BMAHBqkLVr4D-LFwoAEhQBSrzBRMsUub6C_xXT1ukeh4tCqcIe8tQh3GSUp6qPBcEJTzBixiX0HIIWJ18EtHVZ4EbTKJC7U75U3-XEXFC4m8XZM9aFrphXqkSBMKhwAIDMfcDWgU0b2hj7nfb7awjdlOF2QltsaZI6b6804rOafTA1ovnSt0dhDq-tBJ7boQhMw0QtI8kMntcswsEWTwz_yuE588NM3ERhF06xSyQkosvupoQ1TYHG8HSzo4Te2440v62Xt3jnoHjm7ULSB-iX66mfL2-cpBOEX-byodPufnmsb7xdRSovDaD-bEx4Qu_eMaTb9vLwCpmOGWjggQUlH8mKeEjX8oaPazxniSwtZZWWc4dvtNpddbO-uPhqvzbuM74lOBwtfvotToun5oRjNfZBEmhEYqcDUM_btqRHMyklyoB2Udbga9esFVTZx1PIr6OH9fPEsODwLW0GdvUjgdnxqpWBOFoEn6kGvrw6y_v-BRyEpdBjHU_nt8s5SSIOpsfdyr6jNlqksB8qs2lnsuWKNI5US2gqDbAa7ZVGmebSUicSCPEsz4BD_1rQ2wrbXXvqPa9igv79cP3BWKB1fEefcxmvG7t2l5yYL4IA3wqecCDvwhLUC1d3xLelJT3hf9ey3c35fC5QE6oe-FQUp5C-E91RgIatr9h7P9PNzJAj2-Wj76zxcQkkoW5XRX0ykcpMey_vTIQA3wtmvNKll_svDex-L3muRUolVnCDq0i_mtBcSxiz0yQUDLn9td_IaHJYSEH85Hs7JLNeIEhFdeq0gvcipZ_yUF1O4_hsoGGyIxuXQVtiqDXoOnp_IrEMVIqHyHUFHCubhXLgsT4A_kbP59_chhCcO6o65-7WWI7justAAYJ0SVuLjIplFnZdHPNck0HKGn38HVK9Uiofe2KFI4pXTPVyL58pbWxz23AvDIR_WbwHEyLmRyaOG-QSeMYWqJ54AqBODvmmCPYhX8-LPLgCf8Pb2CU4Jpwugph07lKLgH0PP1VlnJWZbDgvbNb9Q6bIUzc9LY5k5xtAMoFMb-Dor9VyFvu3HjH5np6FbYSY1z0oZRkyVqSA5QVycocaRSRewF1DO7eGN8iMj79ru7acHaJVi2bTY66QaqfXur71uwmYKpPrAhf16kSLkjIztl0&cid=CAASEuRo2g1INdIRx56smm6Q-zVs1A&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fdc4e45cfda55b26e4e8018fb823436c409ca723521a8f523d3ecf47d621102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14603
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF96 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DG7cDH6FZ2qSm0J4N5CXLelDJo_fspHyrrfYtDa_KqtiaVWswZBlFMFxJyKe0ZVmytOg5h9jShrNo_HUVzaYLeJMVU2hxGdSBnTB0k2kDpWdbrYos
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame DF96 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:33:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF96 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame DF96 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
1875255482418879373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:41:34 GMT
l
www.google.com/ads/measurement/ Frame DF96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQt34chVIG7kfrMc-CnEvxYvPgfPm3acZaLwF0ngmcoc7lWQ5Rl6yhDtRu6ajSu-rosNy89K5EpPUmv5ln_qgOCvTwjFg
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 1FAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVFO7Laza0K99mnEeGfQt9X1WxMcjI-guWiznwxmXPwekFweFQ_bpznSRf0rbQJsErm3de9g9apTz7VxwXFomLM1XDC_7UHVpEKzH5aDi-0IF3hSimWQ3gOP8RMnPA0tpiwOnk7LQ4Sf1_7ufIb9VJju78PLWAg6e8Hf5oY--VWnpFi2MY
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:51:42 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FAC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL3zhDEACmGxgchkzglfwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVFO7Laza0K99mnEeGfQt9X1WxMcjI-guWiznwxmXPwekFweFQ_bpznSRf0rbQJsErm3de9g9apTz7VxwXFomLM1XDC_7UHVpEKzH5aDi-0IF3hSimWQ3gOP8RMnPA0tpiwOnk7LQ4Sf1_7ufIb9VJju78PLWAg6e8Hf5oY--VWnpFi2MY
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:51:42 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPUhOZZa-tf5ArpQ_79h9iA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1FAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECfuseyQq-PgxkdhwgVwwq4&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECfuseyQq-PgxkdhwgVwwq4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVFO7Laza0K99mnEeGfQt9X1WxMcjI-guWiznwxmXPwekFweFQ_bpznSRf0rbQJsErm3de9g9apTz7VxwXFomLM1XDC_7UHVpEKzH5aDi-0IF3hSimWQ3gOP8RMnPA0tpiwOnk7LQ4Sf1_7ufIb9VJju78PLWAg6e8Hf5oY--VWnpFi2MY
Protocol
HTTP/1.1
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cfdf5617-669f-422a-8f62-a2f54bc102f2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECfuseyQq-PgxkdhwgVwwq4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1FAC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcwMjEzNDIxMTI4MTkxMDY2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcwMjEzNDIxMTI4MTkxMDY2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVFO7Laza0K99mnEeGfQt9X1WxMcjI-guWiznwxmXPwekFweFQ_bpznSRf0rbQJsErm3de9g9apTz7VxwXFomLM1XDC_7UHVpEKzH5aDi-0IF3hSimWQ3gOP8RMnPA0tpiwOnk7LQ4Sf1_7ufIb9VJju78PLWAg6e8Hf5oY--VWnpFi2MY
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
80e2a3ac-4032-4055-afd1-5786c2d7e4c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcwMjEzNDIxMTI4MTkxMDY2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 07E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqlLJvi2mlDEAEr50E6m64&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqlLJvi2mlDEAEr50E6m64&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXaO_asT67lJF0Qp_aQJr9vo1rZ2X0inThTMC7SjFXiKdox0EK0YMsVd9p2ke7wpCPacJ9x_H6J09QVPuVyrOVeeTSUpJF83JWfKg7dOKdjJC3lyRJpwHSRAsZPbJXbCLHeg9gibtVzQtPXH6e1nU5Am5NCf9gqY_lGxVS87JRF8Za1Efw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqlLJvi2mlDEAEr50E6m64&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 07E5 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXaO_asT67lJF0Qp_aQJr9vo1rZ2X0inThTMC7SjFXiKdox0EK0YMsVd9p2ke7wpCPacJ9x_H6J09QVPuVyrOVeeTSUpJF83JWfKg7dOKdjJC3lyRJpwHSRAsZPbJXbCLHeg9gibtVzQtPXH6e1nU5Am5NCf9gqY_lGxVS87JRF8Za1Efw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 07E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKldxS9c0IL9jonQzx0SvHo&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKldxS9c0IL9jonQzx0SvHo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXaO_asT67lJF0Qp_aQJr9vo1rZ2X0inThTMC7SjFXiKdox0EK0YMsVd9p2ke7wpCPacJ9x_H6J09QVPuVyrOVeeTSUpJF83JWfKg7dOKdjJC3lyRJpwHSRAsZPbJXbCLHeg9gibtVzQtPXH6e1nU5Am5NCf9gqY_lGxVS87JRF8Za1Efw
Protocol
H2
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:42 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEKldxS9c0IL9jonQzx0SvHo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 07E5 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNXaO_asT67lJF0Qp_aQJr9vo1rZ2X0inThTMC7SjFXiKdox0EK0YMsVd9p2ke7wpCPacJ9x_H6J09QVPuVyrOVeeTSUpJF83JWfKg7dOKdjJC3lyRJpwHSRAsZPbJXbCLHeg9gibtVzQtPXH6e1nU5Am5NCf9gqY_lGxVS87JRF8Za1Efw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:42 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame A036 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6WL9RUOEDEAvTi0Zah7EYO74E3v2ak7U2SFr1QRqF4QIKM-HTLG0c2SivhAs3OuctulwnMDSdyyVDeFXO6lcF4T5NK8yBCdpwo53zovhfSHLzmThV1ruVEpzjfwx1PVAw_0Dp2S6XH__qPVrw5LTyVOMZsg&cry=1&dbm_d=AKAmf-DkdBb7e35qLMAG6vyFzQ26f9QnhyZba228x5A_yQSke0Jztb7Z2SVQsmadQm1Y5cdwXKdbPPhR0ArVkBi6_LZjNYK_OjdcMQNX9FCPsklJJrC5m2mckIsdYaE3PdFBicifhU8VRJjbyu6eVKbFvMcppOulmtLgcxB6B1K2Jf3OP57ZfN2hnpuiIq1Z-pD3A8dqFEFFwbdA9rswJl9-XmQl9-BC26Uz90LpA5NeGGjjAQ9kkclBsFrzHxwBIJXCBgL2ZKf_0ikGQOJMzzrSuRrANRDb8T3QMp6ALWwciPiXHpXXlqa8CamTC9wLzCeUxk8l75tip-IWJv4woEYcN74nlgEi0k5y5wU3FGvGs3PiHo3PAaFPBrXfIgzSyloK61kYZAEk5oXAwRMdt4LzUqfo7zk5adizzvBEN7W8OqBYT3NgnwpuJHMLIY1YBtzy6csz9XwKm5uBMPOx1f1wadW6frEl9vE9Pz1m8VgA3EmS0dq7wtdYSUCV7G0pHaPxtglxjTrwIRL8KSNyKSm0Bo7hMGRMfhAO9-d2ET6_qaGDjuHDHfpU4d7NsLhCPaHoo9IkkuW6GjnOCjKdJbXqPVeeK9U2QH8tyttalZrYfI9zOBHu8hXEveUPcrJbFrGkHQIhiQZFm48qbF6thH09Y9rSY3cQTaU8-UPAluFjyAGLH9HYGXgha_LcLIcjQNUA08H7y-62oaWvsjZFQ50xu-OzB2qRnZlnML8W_9-6-9OBZDchNvlToK7TKkjWpu1NUVyaMZj4zxLl0Q1XaA_Pz5efOmjjeatryyU3dWAXvXELQ-s2_nC_dVYae1hHZTxyMiUtgeXhn0UGAtnORA8MkIpBxqmEPBa_sCYGwTxdcBPNEkzTwoJDSaMWSNEYq628LMsZ1bQiz0HOkGK6tG1mEKnI429BjuHpTi-qLFO46YJ9fej1a_7MjmMtx64NqMJCnjY5CcAPHaPhZx6C7KtnXJOGVlpb_EypHR3PgbnLi95IkRuVKxcTeBPHP-q3F508ShCdLushxNxG-XddtOnSijZW0Zva9Q9PPJXcdO2QksMsMk3iHhJ7P7mhdUGrGbZ5_hKUIBGsC8t_SpERadNIipviq-X-INmjJy8U6T6ofnOmzk1QGpWTuAiYeGS9Rw7Uqmt2LzHVbdksfb1QhYhQnjS4NspUeT8-fyNko4tZXz9RkkyHctEQG6ZXTFcosmOuhiHW52NC4mpQQuA_5aqRP2TRWiZ_JoD3dfBI1dTgwwfyHa7F2tK_Cey7IQeG0haYXIwLEoZlNfL-J8SkbvPxaNmcwpL7xMHyM4ZkjlQwFRR8CqC0HawL34LmJJM9M1az2NbE42ZWB5sVSQgqWMBnw1-V_kZD8EjSbdMTErsDmOj9u4MmxvsArzV8qO-ENPy4GdL37Rb43ej5Xgy4tJZdI_1qGHfTgai3UVc_IKCtbnix0WSFZgXOec86iL-10U_F3_2zittwUnRDAp0bDUIGY2WinFboJhaEFZRzeAii--DX4Q23OEyG-sZcERhnbnqBRyUhc5JOjKGttiJn4f_aUja_UyEPpj2v_kFIvFMwFEgeVbjXhuWRgIyw9VY7n3RBTKCvt0UJRMFeY2OJf31jlh8_k3Q8eQJksQapnJxUixL2VOs9kovH4dd_azekamYIoj8BFgdCfeb1hgTJTneZ-mtO3oiuJ_PIfdqRTs2H3uMBlxyp7rS6clzR1ZKiRIn3ccq6WGXDRSBnQL5zuwK96Rdx9PewKlHSzPx1tSSByLc1LkTlIRPMDYGGewFC53ISpCDUarRQOeJ-8sNI-sPKJwkvX70EqXK8n87H9_f0IFpHqkrdyFYTFWjCCq0-N-ei4yWG-s9uyyFD7e2KPhX6AvXWBMNxOURl0lx0XKzF7mCDcpMRHPead90GT3fSXWwd_TamP2aKET-LcORc9ARvKKDa6JyNp26z6eqVKBcdIM8rrGL4mHq6ucCUcaOaN1bzYGZYayOTB4gQVPQ-9QrdbjEscJEOJF2vxzpg0KjFDUeLTe05cvr2nw2BNbub72eJymjmmt3_zfX6BEiR1dU2-XF_0ZjS92HGOHFKJ_1JUi456NucoFj2VjdrRmPpc8TaQVanW9KLiQr81HzunFezOgky0TDzCMBOo1By4uGTxHfvZvka3ErtGPexIU7zwyiVNOQ3xsBTzF3M_Fb1a5mCvMvNGjHJz6Bhx3w1ArpJO1u79kAsF8ceKB8N1iBFQZ-uFBTA1HBo1y-z9MdCh9nZ49shu422yppGJ-iZsYZtmfz1WSmAjCFOkMNviUFdgsEDwEnv8RL73eclF50DKq-y5HDN5rozT-Y6lBgK2jC9OVy-lNZBq7WB2O7yTudu43IsALLYeFosIRW1e86GG571i_9WDBW1UFLSsWaCQduEj1UXMKfde_VkmOZ8b5ULS7pDy2Y0t-fD0o0BQqoo1FOaQiiW6KfG-CLTFGRBkjTALv_y2xGamAtnLqkegt4MyY_4iUAKYbw2ej8QEGUVLKnfEYZBNOcu1jVLkWKIbJWIpcxFUeKTrYouFqppL15JABuAesUV4YEVligPaRb6j99-dwAwrC7wj-TSC_9KEjZBxYrSzqhxkxzgO0ugyBgQOYfCdfKmJbrI7fJr_Ae-jvvWFmexFY5A7soYYQWkXZQ3b_AjQ6RLX1929qrUEoZysxRl6lJJDrW94G-1LGsFwelMUSwda6DldOe-p5CPBUvSJpScpDU21T6xvjxDryAlrwL6eXH1HqrDjyJGXzzaFLnNiGss1EvlKomvjEilBOiYjPj1wh3gQQ1k7aQ5aq7IhfXwAcoe0qmbZrD6-fSme2doaUNLk4icGrGmSje10dDb4hjcxm0XziLhHUaGH98_toWokkOVV87Y3jpELmZ7Q5LxPJmhOBLZirzRvjkj2ChTuMEDW-Qt3J4kTSGkXRZbiPIR128qQfY002p7cdzr0j5yjJOvcwmNVCT7Ewb8XNIZzLzo3rOgRjhcThD55NhiCtOhvUUAiNR26T6_cznl0tKpRCLCgaVT3AguHYo8cF0PPKZR7MfozxKyiVPBJoBGHr4LuyMFv-e0xKYjAl3GECtfzTjWFyCyBP1kkltm40GvPNxtAc5PXlu1up2fBO_KB1LGT_R-vbTKcrsd-VACUYa76bL2eB0Uy4wuMbMykZEa4AVCiAQcjuxgAn9IvnDWwKGwe0z1EgIfSBp3H_pmtszhJR53mfm1mq5U0f4uNN0UpmxTVIUIHLrX4RDrK1OlwwTVxZrOm_QxaCWq7BeHXEsW_4VuiNhdapJQ493dBf_TyzUBjf_6IafSawcv0yaTAZxXbYtL33KeBTgdsx6bz0SKHcCmcLwJTQ&cid=CAASEuRoDPtqKqS-7bGY96v0pFv2SQ&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A036 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6WL9RUOEDEAvTi0Zah7EYO74E3v2ak7U2SFr1QRqF4QIKM-HTLG0c2SivhAs3OuctulwnMDSdyyVDeFXO6lcF4T5NK8yBCdpwo53zovhfSHLzmThV1ruVEpzjfwx1PVAw_0Dp2S6XH__qPVrw5LTyVOMZsg&cry=1&dbm_d=AKAmf-DkdBb7e35qLMAG6vyFzQ26f9QnhyZba228x5A_yQSke0Jztb7Z2SVQsmadQm1Y5cdwXKdbPPhR0ArVkBi6_LZjNYK_OjdcMQNX9FCPsklJJrC5m2mckIsdYaE3PdFBicifhU8VRJjbyu6eVKbFvMcppOulmtLgcxB6B1K2Jf3OP57ZfN2hnpuiIq1Z-pD3A8dqFEFFwbdA9rswJl9-XmQl9-BC26Uz90LpA5NeGGjjAQ9kkclBsFrzHxwBIJXCBgL2ZKf_0ikGQOJMzzrSuRrANRDb8T3QMp6ALWwciPiXHpXXlqa8CamTC9wLzCeUxk8l75tip-IWJv4woEYcN74nlgEi0k5y5wU3FGvGs3PiHo3PAaFPBrXfIgzSyloK61kYZAEk5oXAwRMdt4LzUqfo7zk5adizzvBEN7W8OqBYT3NgnwpuJHMLIY1YBtzy6csz9XwKm5uBMPOx1f1wadW6frEl9vE9Pz1m8VgA3EmS0dq7wtdYSUCV7G0pHaPxtglxjTrwIRL8KSNyKSm0Bo7hMGRMfhAO9-d2ET6_qaGDjuHDHfpU4d7NsLhCPaHoo9IkkuW6GjnOCjKdJbXqPVeeK9U2QH8tyttalZrYfI9zOBHu8hXEveUPcrJbFrGkHQIhiQZFm48qbF6thH09Y9rSY3cQTaU8-UPAluFjyAGLH9HYGXgha_LcLIcjQNUA08H7y-62oaWvsjZFQ50xu-OzB2qRnZlnML8W_9-6-9OBZDchNvlToK7TKkjWpu1NUVyaMZj4zxLl0Q1XaA_Pz5efOmjjeatryyU3dWAXvXELQ-s2_nC_dVYae1hHZTxyMiUtgeXhn0UGAtnORA8MkIpBxqmEPBa_sCYGwTxdcBPNEkzTwoJDSaMWSNEYq628LMsZ1bQiz0HOkGK6tG1mEKnI429BjuHpTi-qLFO46YJ9fej1a_7MjmMtx64NqMJCnjY5CcAPHaPhZx6C7KtnXJOGVlpb_EypHR3PgbnLi95IkRuVKxcTeBPHP-q3F508ShCdLushxNxG-XddtOnSijZW0Zva9Q9PPJXcdO2QksMsMk3iHhJ7P7mhdUGrGbZ5_hKUIBGsC8t_SpERadNIipviq-X-INmjJy8U6T6ofnOmzk1QGpWTuAiYeGS9Rw7Uqmt2LzHVbdksfb1QhYhQnjS4NspUeT8-fyNko4tZXz9RkkyHctEQG6ZXTFcosmOuhiHW52NC4mpQQuA_5aqRP2TRWiZ_JoD3dfBI1dTgwwfyHa7F2tK_Cey7IQeG0haYXIwLEoZlNfL-J8SkbvPxaNmcwpL7xMHyM4ZkjlQwFRR8CqC0HawL34LmJJM9M1az2NbE42ZWB5sVSQgqWMBnw1-V_kZD8EjSbdMTErsDmOj9u4MmxvsArzV8qO-ENPy4GdL37Rb43ej5Xgy4tJZdI_1qGHfTgai3UVc_IKCtbnix0WSFZgXOec86iL-10U_F3_2zittwUnRDAp0bDUIGY2WinFboJhaEFZRzeAii--DX4Q23OEyG-sZcERhnbnqBRyUhc5JOjKGttiJn4f_aUja_UyEPpj2v_kFIvFMwFEgeVbjXhuWRgIyw9VY7n3RBTKCvt0UJRMFeY2OJf31jlh8_k3Q8eQJksQapnJxUixL2VOs9kovH4dd_azekamYIoj8BFgdCfeb1hgTJTneZ-mtO3oiuJ_PIfdqRTs2H3uMBlxyp7rS6clzR1ZKiRIn3ccq6WGXDRSBnQL5zuwK96Rdx9PewKlHSzPx1tSSByLc1LkTlIRPMDYGGewFC53ISpCDUarRQOeJ-8sNI-sPKJwkvX70EqXK8n87H9_f0IFpHqkrdyFYTFWjCCq0-N-ei4yWG-s9uyyFD7e2KPhX6AvXWBMNxOURl0lx0XKzF7mCDcpMRHPead90GT3fSXWwd_TamP2aKET-LcORc9ARvKKDa6JyNp26z6eqVKBcdIM8rrGL4mHq6ucCUcaOaN1bzYGZYayOTB4gQVPQ-9QrdbjEscJEOJF2vxzpg0KjFDUeLTe05cvr2nw2BNbub72eJymjmmt3_zfX6BEiR1dU2-XF_0ZjS92HGOHFKJ_1JUi456NucoFj2VjdrRmPpc8TaQVanW9KLiQr81HzunFezOgky0TDzCMBOo1By4uGTxHfvZvka3ErtGPexIU7zwyiVNOQ3xsBTzF3M_Fb1a5mCvMvNGjHJz6Bhx3w1ArpJO1u79kAsF8ceKB8N1iBFQZ-uFBTA1HBo1y-z9MdCh9nZ49shu422yppGJ-iZsYZtmfz1WSmAjCFOkMNviUFdgsEDwEnv8RL73eclF50DKq-y5HDN5rozT-Y6lBgK2jC9OVy-lNZBq7WB2O7yTudu43IsALLYeFosIRW1e86GG571i_9WDBW1UFLSsWaCQduEj1UXMKfde_VkmOZ8b5ULS7pDy2Y0t-fD0o0BQqoo1FOaQiiW6KfG-CLTFGRBkjTALv_y2xGamAtnLqkegt4MyY_4iUAKYbw2ej8QEGUVLKnfEYZBNOcu1jVLkWKIbJWIpcxFUeKTrYouFqppL15JABuAesUV4YEVligPaRb6j99-dwAwrC7wj-TSC_9KEjZBxYrSzqhxkxzgO0ugyBgQOYfCdfKmJbrI7fJr_Ae-jvvWFmexFY5A7soYYQWkXZQ3b_AjQ6RLX1929qrUEoZysxRl6lJJDrW94G-1LGsFwelMUSwda6DldOe-p5CPBUvSJpScpDU21T6xvjxDryAlrwL6eXH1HqrDjyJGXzzaFLnNiGss1EvlKomvjEilBOiYjPj1wh3gQQ1k7aQ5aq7IhfXwAcoe0qmbZrD6-fSme2doaUNLk4icGrGmSje10dDb4hjcxm0XziLhHUaGH98_toWokkOVV87Y3jpELmZ7Q5LxPJmhOBLZirzRvjkj2ChTuMEDW-Qt3J4kTSGkXRZbiPIR128qQfY002p7cdzr0j5yjJOvcwmNVCT7Ewb8XNIZzLzo3rOgRjhcThD55NhiCtOhvUUAiNR26T6_cznl0tKpRCLCgaVT3AguHYo8cF0PPKZR7MfozxKyiVPBJoBGHr4LuyMFv-e0xKYjAl3GECtfzTjWFyCyBP1kkltm40GvPNxtAc5PXlu1up2fBO_KB1LGT_R-vbTKcrsd-VACUYa76bL2eB0Uy4wuMbMykZEa4AVCiAQcjuxgAn9IvnDWwKGwe0z1EgIfSBp3H_pmtszhJR53mfm1mq5U0f4uNN0UpmxTVIUIHLrX4RDrK1OlwwTVxZrOm_QxaCWq7BeHXEsW_4VuiNhdapJQ493dBf_TyzUBjf_6IafSawcv0yaTAZxXbYtL33KeBTgdsx6bz0SKHcCmcLwJTQ&cid=CAASEuRoDPtqKqS-7bGY96v0pFv2SQ&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 01:16:07 GMT
partner
sync.search.spotxchange.com/ Frame 07FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d03532c-7faa-11ec-99a4-14c817940506
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d03532c-7faa-11ec-99a4-14c817940506
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWZJmJc7tbugacpFqZPocuDQN_155pBUtRLb9wd5I0tD90TvZPEKcQlQhwRbjY93u7gB1lZO6Lisz1mIRdXhGk3R8smcxmq8Tslm7A3y7Xx6iocTx4fQeiq2FtjV0jQ9wvkqsm8ZYgu5uHNbTsEv6S9kDuZN_q0S5G8pOa0Lzg-KfBHIbI
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
21
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d03532c-7faa-11ec-99a4-14c817940506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 07FA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWZJmJc7tbugacpFqZPocuDQN_155pBUtRLb9wd5I0tD90TvZPEKcQlQhwRbjY93u7gB1lZO6Lisz1mIRdXhGk3R8smcxmq8Tslm7A3y7Xx6iocTx4fQeiq2FtjV0jQ9wvkqsm8ZYgu5uHNbTsEv6S9kDuZN_q0S5G8pOa0Lzg-KfBHIbI
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
103
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 07FA 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWZJmJc7tbugacpFqZPocuDQN_155pBUtRLb9wd5I0tD90TvZPEKcQlQhwRbjY93u7gB1lZO6Lisz1mIRdXhGk3R8smcxmq8Tslm7A3y7Xx6iocTx4fQeiq2FtjV0jQ9wvkqsm8ZYgu5uHNbTsEv6S9kDuZN_q0S5G8pOa0Lzg-KfBHIbI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
partner
sync.search.spotxchange.com/ Frame 7D77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d034e82-7faa-11ec-8d1f-13b80d860106
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d034e82-7faa-11ec-8d1f-13b80d860106
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWeHbT86GHC1HoH8XJNDuapRNj64WjqdXD-j1pnvRKSar60YmWWRKqiY-ciihpNAyQq21H2uOhwdnVWEXLfu0Q5teZO5zMpLG9nOrFp2KK8v2D6FeVcGEwXG6dJTNlXJ9G_Uq7IKh1p2_4KcyPOIQSidm-Y50zgGVNc700bcb61ynFM4ZQ
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
143
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEFon--n1kXz7lW81D0mfLp0&google_cver=1&__user_check__=1&sync_id=8d034e82-7faa-11ec-8d1f-13b80d860106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
115
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7D77
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWeHbT86GHC1HoH8XJNDuapRNj64WjqdXD-j1pnvRKSar60YmWWRKqiY-ciihpNAyQq21H2uOhwdnVWEXLfu0Q5teZO5zMpLG9nOrFp2KK8v2D6FeVcGEwXG6dJTNlXJ9G_Uq7IKh1p2_4KcyPOIQSidm-Y50zgGVNc700bcb61ynFM4ZQ
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGQwMzUyZDctN2ZhYS0xMWVjLTk5YTQtMTRjODE3OTQwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
95
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 7D77 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNWeHbT86GHC1HoH8XJNDuapRNj64WjqdXD-j1pnvRKSar60YmWWRKqiY-ciihpNAyQq21H2uOhwdnVWEXLfu0Q5teZO5zMpLG9nOrFp2KK8v2D6FeVcGEwXG6dJTNlXJ9G_Uq7IKh1p2_4KcyPOIQSidm-Y50zgGVNc700bcb61ynFM4ZQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame F480 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A81sNORD26O3yYhxzRQ-OJ9csdma4EqpJGQ9PcMdtgsbrkFL-zH1g-c9SpayRnhx8Kn0fluZIQXUFOvqa0vTWA8ESamZp_bnauh2S3XG_z8xvyiZJ3Sci3tjETSkezOujUQBuU0zUv4FOXWpdYetG1GqSckg&cry=1&dbm_d=AKAmf-DXZsTy6KRWl1D3aqTmRIe54KhwOCfVHow4eiDXAsFt4TD6hgOQ0l-Ur311-S0ZbaqPw3YkiAauIYHsvFQK7vf1UQa9nNtgBeKtDbsqlsTm9qaZ-GFo-gVKv_KH6Vm3iMWzQLrabukzvUHiZV5eHx_1kwv5eo0Xv8rE_TpQE-FpaRD1vMdl5gphylBCr3GfwftySeF1ujN9MPNVLdpEOSaks3-rlwkwsdcY4PcG1aM679WvDapLjOO2StCmyHXdqd-hKZCj8owEHqRbwT7tvpHW8EkeiPYlMESZzA5u1Mtu7GhH4qS7ziY3uzpC0ybGJyufNhk04of3kOcXW6YF9fAVHLrfnVLP4J5KNu7_7ixmxX22eKRyf4mNQk-kh-YkG-m2ArqqY-Q7ccl6vsap7L0jZ6htOjRt-5qn9zoKzzN8oRdGcKDptm2vzBVTDC9otNNiXQqI4IOP0l1OiPrN_UIBClTqrp60gY9hB7v5EGuxFEBcCHDHuhONwxFLKI9jLpZbY7pjXJfry4I_KJyniOcZE7EegNkH-HjiREm80KcgbFFWTlzGM6a84hfZ4WUv3BoDAi8OqAnnVDl5TWKwlbuDNQf1I4LfQM2xwbtjcqEVmGl4-SF8-YqFqtqcBukieob9PKLjDRlj6iZf47YxmWGAlhwvrv5lxAsxoQZeF4m1dHYA4VwXsL2wie0kDdRFssBAYpETxMCIHzVycAqXWMloswcLDtrcnCPCRI397x3I0henIjSyiFb2Q9sJNRkXAYR3zEENO5A6vXLvq71658nrV9s8oQkpheBtN9sZnycYAL6kCL90_jqqn1lA1_Yq1hr3XScY-Sj_S9soAh84v7O9O1yvB101nfbyEyf4PJLINDzfVqgMoOwReYstxILiQ867xskDx3N0UAnHyIoWUWn4HxSuAriEQ5iZQVZJ4XR5RoNKOeoMS0lxoLK3p-uYw0WtQJJ8rdBAV_ol6cfc7yPR74J5p9dtroLHD7FRo53-enP6i1281EWTzJt977fO6Y8_KXZyQrEYWtrRqqEXzHm8WlpRqBLMx93Tts2paa0TGFpRG7qBSV83nptSO8h_1luk3ri5xzzjrVeE4S1Fm0OINdchqvlMeZRX7StUye7O8TMvKq-BozOxi0lCAdBuIlOJ7liYsM1XM-4jKTuZ-rpyh_Vq3k-9edhCqcEJHGY_NXn8WHrVrxn-HMp7yFqjW6geCXB8WRDVD5lFK1bHjHHhz6JhKLScZE2KERwlDIOB-eBhTJE1VcvZjiJo5DMZi9LpiQfjZ4GOJcf75T6Oc-AN4IzSxGqQKFOhRsrpCOr-xtuR-tIsaf5EyTjNyCPoAMAUe3X-SpGZ2FG8ytrmUx78Gd6gydQ7qmIp-VxMNLn7ciwDzcFBLYPEScS3cphXeCgU4Giz9S4pVJFkCGcrqAZ-i0KACSL5Aty6Jl_dwg1-0xR2RYhWIEcdvKnNoxOpwMLRHJCeeSOiaZ_Qd998AcQ9cf7lJYCW6E1-n1JDAGEO6Kf9oYsVXWx6pK81KMxVMrfbZKBvuFW7_wyI45OC65y43_AzvmU7MasdTh7axLqNMLRE_WAM-V9ts7_hgDjnQ25v17raPi2EGHBd-EtQzRBTTUpAiXBy9JNEp6RZXA7vT06Gfm875trGhi2bOVAebpzfZElIfxFhRaDQjDE6yaqez9H_zvnbWhjZkvB30JElwOhQCvGx4pUUTjc1F0XZbkv7qNbwr2dAaa5fsgzEU15savraXmCv7ufP2KKeQOSzG6fffgw0_YhDbwPUGQhGZ7T3fSNF-QynzxITYq67OTfI3OP41zGH6YnUlT_5751oGSDYpzhDkxynXibZePDyLwxdSZp6wUaFXrs6x-otakU17O5q5YEiHHinL61goAGZ0KxZFHFM_19hEIbnDwFkPxQgbWJR8NR-o0xfps7F5QZ6VEYp_ebknRmFEq_9SCsud5dd-Ply9LrRGn0OSU8q-gB05Ppylr9nmdizXdijHrtkpdTql7yWvcMkeE8Us4fC8q8cfxIChMMj5mX5s5WYHG82NvsDajQ_4GqV6TgeunRPfJIltMPBmk2aVdyQ0u6yH1vKvHZR-C1dKFWnDWhHr4ZYf6ofnLOBAGuiv5cd1_Uii1n-T48u9wPAHNhDK2opW3PoqZ7CqHsX3c-TDc_P04pUXHE9Lnrp2SW0VieydNKUTu4LsJtNOMZJYYfl5zhh3SuHABUs1gyKHfo7SxEwyQ8sYz4JKz01XeDOZoVpnhKwAZ08b99vgAWHDP3oMHhecyXRpGTaDj9Jd2EwKjaqockCFoGlmWrIk0QmX32ExO5WWwhRTxi2SzgBqRoJY3r_a1p6eCZHrgE1RTvc6u1StweYtkruJ_JKFi9xdJ6pYyY3yy9Y7OKjw_aPkFba0ZV12STmpH_1cSYTT4VfvopcS6yjU6tsplfhh3zFi-wHk6gojxY7rftDfvD7_vp5Ket4gXPaKJjjQp9wZKrNDco0ojSKfCoQFMSLcaeFYRbCGGLOL19AaXYv80NPq4e2bY650f34s6Ow7aVEps1saeJJkPQAMBhcSNVmxzshM09pkyZ88HIywUPDcxoCe0U6c4UmEvYKNseJGTZhzRwqKtA8f1Rg8ueuAS2LdgwAAp51-r712Te11GvQWBpRTPyRReHmCi9NI4sJCCrZsmt5p-CA7PaeOdhf_B55Pm4S7dmB66nqHlxlC45JsCfr-f9l6iO5ACELNMISAUdXHetzVImZ0BcW-jKrO7LRx9O010VklZ-W8ZBK6_L1UrCknh1s91q-Z-13ZPnjvyRd7djyEjq5xCjSxRjKrOfS-JPUrIf4i_2mXppMd-4WxWT5lr5Gdy_JbA9Os2ornpfh_hTydjlgoDuijDdiGs9_R8-bhLGqcqOb5D03dSiV1i2eRPhE3m7MLCwWmQxFF-_Kl0cl7zNoNEfRTodMF0NgebpEfOosSlpJvQI-RET12Bda3ScxgtaI-LSHFRYY5hdNo0lupvFQ2TIt0ZFeU7TiOYWb37C_Knc_chm4ZOsOBlzz8XK7GTphM-s252hGYWzlNI6d9YoJmglbYl6ScybFF90eZ2X94ylKCS3Ww0fF1kkXtIw5WwUYB_wTAA1jog299-57rZ0gXrXGixLe18QPPCvHN_hGlxNEvEnXtHbnVnVC8ocjnAj-_vhBQ0nXUd_R74QUUpRGlZOGevtL1R6Iyz1tWCLfbLcgT8C1l2_guKrnsWwdSM-PFACFAeXFlz1gYxuQptsJ6uPnGtYm_TkN4VStPSKIalsZrnVFsR1RzXyD88sv_xDQcJeiudrTB1YCKVtExPBWmJYGVDlluG3zuQpwdhmylFNsc0aZJrrOetXaLSyjl1RnKq2e5ew&cid=CAASEuRoLnAAkDQSe73Ywxf5KBZybw&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F480 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A81sNORD26O3yYhxzRQ-OJ9csdma4EqpJGQ9PcMdtgsbrkFL-zH1g-c9SpayRnhx8Kn0fluZIQXUFOvqa0vTWA8ESamZp_bnauh2S3XG_z8xvyiZJ3Sci3tjETSkezOujUQBuU0zUv4FOXWpdYetG1GqSckg&cry=1&dbm_d=AKAmf-DXZsTy6KRWl1D3aqTmRIe54KhwOCfVHow4eiDXAsFt4TD6hgOQ0l-Ur311-S0ZbaqPw3YkiAauIYHsvFQK7vf1UQa9nNtgBeKtDbsqlsTm9qaZ-GFo-gVKv_KH6Vm3iMWzQLrabukzvUHiZV5eHx_1kwv5eo0Xv8rE_TpQE-FpaRD1vMdl5gphylBCr3GfwftySeF1ujN9MPNVLdpEOSaks3-rlwkwsdcY4PcG1aM679WvDapLjOO2StCmyHXdqd-hKZCj8owEHqRbwT7tvpHW8EkeiPYlMESZzA5u1Mtu7GhH4qS7ziY3uzpC0ybGJyufNhk04of3kOcXW6YF9fAVHLrfnVLP4J5KNu7_7ixmxX22eKRyf4mNQk-kh-YkG-m2ArqqY-Q7ccl6vsap7L0jZ6htOjRt-5qn9zoKzzN8oRdGcKDptm2vzBVTDC9otNNiXQqI4IOP0l1OiPrN_UIBClTqrp60gY9hB7v5EGuxFEBcCHDHuhONwxFLKI9jLpZbY7pjXJfry4I_KJyniOcZE7EegNkH-HjiREm80KcgbFFWTlzGM6a84hfZ4WUv3BoDAi8OqAnnVDl5TWKwlbuDNQf1I4LfQM2xwbtjcqEVmGl4-SF8-YqFqtqcBukieob9PKLjDRlj6iZf47YxmWGAlhwvrv5lxAsxoQZeF4m1dHYA4VwXsL2wie0kDdRFssBAYpETxMCIHzVycAqXWMloswcLDtrcnCPCRI397x3I0henIjSyiFb2Q9sJNRkXAYR3zEENO5A6vXLvq71658nrV9s8oQkpheBtN9sZnycYAL6kCL90_jqqn1lA1_Yq1hr3XScY-Sj_S9soAh84v7O9O1yvB101nfbyEyf4PJLINDzfVqgMoOwReYstxILiQ867xskDx3N0UAnHyIoWUWn4HxSuAriEQ5iZQVZJ4XR5RoNKOeoMS0lxoLK3p-uYw0WtQJJ8rdBAV_ol6cfc7yPR74J5p9dtroLHD7FRo53-enP6i1281EWTzJt977fO6Y8_KXZyQrEYWtrRqqEXzHm8WlpRqBLMx93Tts2paa0TGFpRG7qBSV83nptSO8h_1luk3ri5xzzjrVeE4S1Fm0OINdchqvlMeZRX7StUye7O8TMvKq-BozOxi0lCAdBuIlOJ7liYsM1XM-4jKTuZ-rpyh_Vq3k-9edhCqcEJHGY_NXn8WHrVrxn-HMp7yFqjW6geCXB8WRDVD5lFK1bHjHHhz6JhKLScZE2KERwlDIOB-eBhTJE1VcvZjiJo5DMZi9LpiQfjZ4GOJcf75T6Oc-AN4IzSxGqQKFOhRsrpCOr-xtuR-tIsaf5EyTjNyCPoAMAUe3X-SpGZ2FG8ytrmUx78Gd6gydQ7qmIp-VxMNLn7ciwDzcFBLYPEScS3cphXeCgU4Giz9S4pVJFkCGcrqAZ-i0KACSL5Aty6Jl_dwg1-0xR2RYhWIEcdvKnNoxOpwMLRHJCeeSOiaZ_Qd998AcQ9cf7lJYCW6E1-n1JDAGEO6Kf9oYsVXWx6pK81KMxVMrfbZKBvuFW7_wyI45OC65y43_AzvmU7MasdTh7axLqNMLRE_WAM-V9ts7_hgDjnQ25v17raPi2EGHBd-EtQzRBTTUpAiXBy9JNEp6RZXA7vT06Gfm875trGhi2bOVAebpzfZElIfxFhRaDQjDE6yaqez9H_zvnbWhjZkvB30JElwOhQCvGx4pUUTjc1F0XZbkv7qNbwr2dAaa5fsgzEU15savraXmCv7ufP2KKeQOSzG6fffgw0_YhDbwPUGQhGZ7T3fSNF-QynzxITYq67OTfI3OP41zGH6YnUlT_5751oGSDYpzhDkxynXibZePDyLwxdSZp6wUaFXrs6x-otakU17O5q5YEiHHinL61goAGZ0KxZFHFM_19hEIbnDwFkPxQgbWJR8NR-o0xfps7F5QZ6VEYp_ebknRmFEq_9SCsud5dd-Ply9LrRGn0OSU8q-gB05Ppylr9nmdizXdijHrtkpdTql7yWvcMkeE8Us4fC8q8cfxIChMMj5mX5s5WYHG82NvsDajQ_4GqV6TgeunRPfJIltMPBmk2aVdyQ0u6yH1vKvHZR-C1dKFWnDWhHr4ZYf6ofnLOBAGuiv5cd1_Uii1n-T48u9wPAHNhDK2opW3PoqZ7CqHsX3c-TDc_P04pUXHE9Lnrp2SW0VieydNKUTu4LsJtNOMZJYYfl5zhh3SuHABUs1gyKHfo7SxEwyQ8sYz4JKz01XeDOZoVpnhKwAZ08b99vgAWHDP3oMHhecyXRpGTaDj9Jd2EwKjaqockCFoGlmWrIk0QmX32ExO5WWwhRTxi2SzgBqRoJY3r_a1p6eCZHrgE1RTvc6u1StweYtkruJ_JKFi9xdJ6pYyY3yy9Y7OKjw_aPkFba0ZV12STmpH_1cSYTT4VfvopcS6yjU6tsplfhh3zFi-wHk6gojxY7rftDfvD7_vp5Ket4gXPaKJjjQp9wZKrNDco0ojSKfCoQFMSLcaeFYRbCGGLOL19AaXYv80NPq4e2bY650f34s6Ow7aVEps1saeJJkPQAMBhcSNVmxzshM09pkyZ88HIywUPDcxoCe0U6c4UmEvYKNseJGTZhzRwqKtA8f1Rg8ueuAS2LdgwAAp51-r712Te11GvQWBpRTPyRReHmCi9NI4sJCCrZsmt5p-CA7PaeOdhf_B55Pm4S7dmB66nqHlxlC45JsCfr-f9l6iO5ACELNMISAUdXHetzVImZ0BcW-jKrO7LRx9O010VklZ-W8ZBK6_L1UrCknh1s91q-Z-13ZPnjvyRd7djyEjq5xCjSxRjKrOfS-JPUrIf4i_2mXppMd-4WxWT5lr5Gdy_JbA9Os2ornpfh_hTydjlgoDuijDdiGs9_R8-bhLGqcqOb5D03dSiV1i2eRPhE3m7MLCwWmQxFF-_Kl0cl7zNoNEfRTodMF0NgebpEfOosSlpJvQI-RET12Bda3ScxgtaI-LSHFRYY5hdNo0lupvFQ2TIt0ZFeU7TiOYWb37C_Knc_chm4ZOsOBlzz8XK7GTphM-s252hGYWzlNI6d9YoJmglbYl6ScybFF90eZ2X94ylKCS3Ww0fF1kkXtIw5WwUYB_wTAA1jog299-57rZ0gXrXGixLe18QPPCvHN_hGlxNEvEnXtHbnVnVC8ocjnAj-_vhBQ0nXUd_R74QUUpRGlZOGevtL1R6Iyz1tWCLfbLcgT8C1l2_guKrnsWwdSM-PFACFAeXFlz1gYxuQptsJ6uPnGtYm_TkN4VStPSKIalsZrnVFsR1RzXyD88sv_xDQcJeiudrTB1YCKVtExPBWmJYGVDlluG3zuQpwdhmylFNsc0aZJrrOetXaLSyjl1RnKq2e5ew&cid=CAASEuRoLnAAkDQSe73Ywxf5KBZybw&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 01:16:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7384 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 19:40:28 GMT
expires
Fri, 27 Jan 2023 19:40:28 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4E7E 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b0679a429ee69de00c6a426e0f4e2a1ccc093632b5087a3b4cf5f42544a12a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5xDyip8kIgayBRcQ715TOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 27 Jan 2022 19:51:42 GMT
date
Thu, 27 Jan 2022 19:51:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5xDyip8kIgayBRcQ715TOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 4B5E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CslF9F2JIUvzKd30oOCbzNs5N4-ffR7j1wqrA_-lPn1-SbfLlsuGVRysKS-_JOwEJlo9XzQE9iMnd_js-YAR_e5PEWL36G7JfASKMhKtSO7JVbDWFdBNIFFx7_WINdrKf3p8-436LvTLxUAAzkhYpMMSVpcw&cry=1&dbm_d=AKAmf-Apck1X0BGVPxcVLMMs19IFjZjev5bTX5HBymuvvmJmjrxJw7LMYPi7f_5hDu_EFAl94DhMjZK2JBleFY1isdCxfFCgBEdoOoi8mvppCx95xp0Iyy458IcLMt8cfrZMmOaXmQ79TXloCf9A3UxxVBimPjy4C12KcpUj8MzPdAzOyRRvD4A8oWS8Z4aqMejZJlhzh45ScIDIQGul3E3z8RIGxcrBRUOH_8i3Mx12ZZhxNtydBBcQN5wVQcG-VRmLTAtIwiAVpVE-wP7Lr47Xnnx5wWbSIILaZibQnofEYOi3GJhtIhVhcjuYM3R8wsnMxXruIJ1zvLNIFlvVqdguH0vY_yyaoY25MYTzk0BfucT9y91ZssOyQO-YRqG7XLfUzaL2eEe3IjIwNBvgQ-gbtAq89KOT1saKovgqqafYpMFfVqY5YZ18EWU_bJ3tej73874uHuardm8d5YjIRwAv9IUyviqGeuv81y27dTFdvJp-FJ_Vn0xbxapBdYsVwWFDVjsdxAbb9Bc4bzSLeOqHUesvdIobcqOgIFCNWxnnbHznBkRqP6_rHJkSTiSGOpd6o4dBp-15NuPhoiDLY5wtSNNVZf15aP0rNXfrqeHikvIjq21D7A7KWvGYWRovX35653TLlbczg3TU-6rihZ3_5vkfBwJzgOc3qbBR2aIlAE97e1WnfBG4dWA_PHr1yGgyglOpwxnRQrMRZiRSOGrCloNljYl-svwZxtUgYH0LrmhinkF6PipjAdJVbtK37-EbpS097cQuKRf8oh2AkHfQx2QZNqDkFc5JFnzo49c1EKcssTKU_tt0qGRUAXAtMInZvdM8i1BRRNPCRv4XCpWfC0xpqyFgPWz9LpIIfLFzGRTPt6uPfR4AvWe7l2qDb0flD3p6HaLJxOMWw6W5rvBGtZR2QczVfQRDjo-yTP6D7W8O6IREv9dDG7munn3ZcuHNTrP6qwO0T-6mTEk-28ps5rDwu6TThe8d4kx7btIjnkEJa7VKHj6VOwmmBJzx9zSkeLjDP9hJ5ixqgNauU2qX5KWVaTpvtkL0ROe8G6WEMp_8v3wgj5WoqmNBNER42icVq4n1Nnus9FQwff7l9ndjAsMI_fyPLcPW_LJYmQspas9ZV2W-rMf0Ai8mJZ1lNGp1y7KkEhArNAvgp1Ky77mQ_20XmjW7TnM8suEtSH5pTybmIwkEKyc-DiHetWV43XxMOsRYWBsHGLrRBup_VQL0lPtJf48PLI6VMTkahF5d6aLBbKYfKPO7BzD1eu72Ylq3iHqis4nAqkMIl2t_O1j-iFBzuQ-xix65AySPbV82shO86o3MaqmRMLC0ieGMZNJuwTg4oZGb_HybOq9bOBzV16ZG62CHVQXhN1l_9_p1IhD_-5UvJ5qTfur0W-dyA8tQVvsXGIfZWKejTJ40Ue36hQvOqvBGaDULder4fzbGSVanAq95EJfnwnlv13nLDxWBSktysCZu4A828b_MLeFqKClJnbwdpy0CaFEzaEnXyBek4m_WOab8Gh8KsLn41fAzaEAC66oQ_X6c7NvX4WbmPGg3R1Ow1GQLQiFfKQHnWOq5CDGe8cdhQYsl8Nj4SdFAqguj9Fs6XimJ1M-z3CkNuws_BbxL3W3SPaY-zOGrCca05PnUDRrM8_IEtSfCCdojoWqUv8jBGP-wB_MHA6mb8l4usW_5OTZm1HahV1dHOwUr4bNkRGJ8vn1XLxdReUT-7Z8gE5lWw3vwfkRQKEF_MDi6zX3uRapvu5cpChRQctu65DQQfHeHnU0h0Ztb9SD1ncH2kf3SZXpUvQVTDY7cSCj2nQ53W6MAqtk3HSAGkvD-rebkdphC82XkL0vBsTCqjZnUi2ZSHdeqLJO_ir8aeXDHkbr74gLVjMVnDZbTXeU7Ue3Shps9ujh1PT3rbO8BFN3I982mKYV6i6TN31WmjFhROEr4vGoL2QTIkJ-kKTgxvShCXWg2UF6cNui4YjCxp273mMEJsCdWyUHmVQ1MZm3pmZqcsYwWR8Juvar70D4PS2TfPKIzgSqW32VxBx1bQY0zlvC63haNNIkG0Czr20g-QoQ3RAz81UMX_BB_q_h84x08rBEjMRKSxsLgc43KZncTMLVSMJjWVONSlV4LWrN-tXVhINOn4yN0JF5NU-mltMZkHCItDghht3HqhSTW8q0HXDHx4hlH5r5NkbTJPuC6pyFRl57-EzgNP42mrcpBStr99XS6R8z-c0I6WTEuXTepGt-JzNNW_efd1J1u2RMhbF4DnekLAJ7IIFcszmrJB8ZFPNwAZFD_Bu04iz0gH1dIteId7kUeIZbAKWZqfihSsgaMML1NpAAs1HdxyOS2I9MkbqKGK6wu5ok3iuk0vUkEdz_16yKReyb89OF8i7YL9cH7GRAYnXTamZdWMF-KjMJh76F0MY_ymMVZ3gm5nUo--fwmhmhe7VV7vJZ_S0sGwWliPPvanCNaa5sc2myfE0d_uiQWj5CLr5ZcqcKE4G_hJ34o_i5HYVVnNz_65oQ79AnbssKx5oiaj5y5wj9Ym7MQC3EYXKKfOjYfZHcjS0XFFhTmi3M_z1uschwsYqNxNjZKI-cm73KoZkanO-EROBuAudfEzT4nQR9INZ4HYQoS-U1PH7Uudr8XiHyqSZdivH-yUXuk0tLV1fISLpakBL6OZmsHg8lORbNjnT_bvAqWcuooz0HK0NmcuERMJIC9Ex5TzRov5xJ_onzp7fUSh2Zbr9BfkuZPHQ0NzMJVZKwjbp1DWamoHbFF2eZnk1J9jB4ejDsh0E59A2_DjpmZNAHEmh10NLEdv-N_fZrZkcSmC5mrtO4qgLG3F1nKRvjBLsQQW9QzNod7DH1xFbyt18fg1EOlfOGsntaWPPNgGre-JYzjiIYTA_kVOsbpZBlERu0D-66ESDHIXCHSdZGOTzbHd8QIrXgtRBMyUQ_C4UXUT2P8_av1ha-euNrhG7TR4exxxwePM-Xq26P8QaAw8BqC4iGv6SHGoPRxjuqUStcaTFe0AAgegIdbOZyrtjpdxH5N46dY5tGLlTeEysaszt1gPrRpqW8ZFRznwqA8Tcd-KcIegPceIZaSxCho5jeoDiPcSoaZqZFpwa7cfZvuzPls4Zw-XrNQodrX-1YGLThxSnmm7sYv27jLBeTNvN5d-tHHtnquAxex3A7O93xNViVJbaS8dzGI9R3uQh2XXs4vuYbAWRfHPuC4E10lAiF1xC7dLdQNad35koX30RP3VrX8uQQaZTMEqZiEaorbSSXv1kvr5QpMujX7i2m9wh1l0GWhU95HiJU2Arq76vMPm2p06xwA-E0u-R_IXgEGS6HN_hcVkHK4MU04cMI3ZodvE3p_qzaBSa9h4sX24A_prDy57mk&cid=CAASEuRocvXsL07lOHVBte7-iVCg7g&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4B5E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CslF9F2JIUvzKd30oOCbzNs5N4-ffR7j1wqrA_-lPn1-SbfLlsuGVRysKS-_JOwEJlo9XzQE9iMnd_js-YAR_e5PEWL36G7JfASKMhKtSO7JVbDWFdBNIFFx7_WINdrKf3p8-436LvTLxUAAzkhYpMMSVpcw&cry=1&dbm_d=AKAmf-Apck1X0BGVPxcVLMMs19IFjZjev5bTX5HBymuvvmJmjrxJw7LMYPi7f_5hDu_EFAl94DhMjZK2JBleFY1isdCxfFCgBEdoOoi8mvppCx95xp0Iyy458IcLMt8cfrZMmOaXmQ79TXloCf9A3UxxVBimPjy4C12KcpUj8MzPdAzOyRRvD4A8oWS8Z4aqMejZJlhzh45ScIDIQGul3E3z8RIGxcrBRUOH_8i3Mx12ZZhxNtydBBcQN5wVQcG-VRmLTAtIwiAVpVE-wP7Lr47Xnnx5wWbSIILaZibQnofEYOi3GJhtIhVhcjuYM3R8wsnMxXruIJ1zvLNIFlvVqdguH0vY_yyaoY25MYTzk0BfucT9y91ZssOyQO-YRqG7XLfUzaL2eEe3IjIwNBvgQ-gbtAq89KOT1saKovgqqafYpMFfVqY5YZ18EWU_bJ3tej73874uHuardm8d5YjIRwAv9IUyviqGeuv81y27dTFdvJp-FJ_Vn0xbxapBdYsVwWFDVjsdxAbb9Bc4bzSLeOqHUesvdIobcqOgIFCNWxnnbHznBkRqP6_rHJkSTiSGOpd6o4dBp-15NuPhoiDLY5wtSNNVZf15aP0rNXfrqeHikvIjq21D7A7KWvGYWRovX35653TLlbczg3TU-6rihZ3_5vkfBwJzgOc3qbBR2aIlAE97e1WnfBG4dWA_PHr1yGgyglOpwxnRQrMRZiRSOGrCloNljYl-svwZxtUgYH0LrmhinkF6PipjAdJVbtK37-EbpS097cQuKRf8oh2AkHfQx2QZNqDkFc5JFnzo49c1EKcssTKU_tt0qGRUAXAtMInZvdM8i1BRRNPCRv4XCpWfC0xpqyFgPWz9LpIIfLFzGRTPt6uPfR4AvWe7l2qDb0flD3p6HaLJxOMWw6W5rvBGtZR2QczVfQRDjo-yTP6D7W8O6IREv9dDG7munn3ZcuHNTrP6qwO0T-6mTEk-28ps5rDwu6TThe8d4kx7btIjnkEJa7VKHj6VOwmmBJzx9zSkeLjDP9hJ5ixqgNauU2qX5KWVaTpvtkL0ROe8G6WEMp_8v3wgj5WoqmNBNER42icVq4n1Nnus9FQwff7l9ndjAsMI_fyPLcPW_LJYmQspas9ZV2W-rMf0Ai8mJZ1lNGp1y7KkEhArNAvgp1Ky77mQ_20XmjW7TnM8suEtSH5pTybmIwkEKyc-DiHetWV43XxMOsRYWBsHGLrRBup_VQL0lPtJf48PLI6VMTkahF5d6aLBbKYfKPO7BzD1eu72Ylq3iHqis4nAqkMIl2t_O1j-iFBzuQ-xix65AySPbV82shO86o3MaqmRMLC0ieGMZNJuwTg4oZGb_HybOq9bOBzV16ZG62CHVQXhN1l_9_p1IhD_-5UvJ5qTfur0W-dyA8tQVvsXGIfZWKejTJ40Ue36hQvOqvBGaDULder4fzbGSVanAq95EJfnwnlv13nLDxWBSktysCZu4A828b_MLeFqKClJnbwdpy0CaFEzaEnXyBek4m_WOab8Gh8KsLn41fAzaEAC66oQ_X6c7NvX4WbmPGg3R1Ow1GQLQiFfKQHnWOq5CDGe8cdhQYsl8Nj4SdFAqguj9Fs6XimJ1M-z3CkNuws_BbxL3W3SPaY-zOGrCca05PnUDRrM8_IEtSfCCdojoWqUv8jBGP-wB_MHA6mb8l4usW_5OTZm1HahV1dHOwUr4bNkRGJ8vn1XLxdReUT-7Z8gE5lWw3vwfkRQKEF_MDi6zX3uRapvu5cpChRQctu65DQQfHeHnU0h0Ztb9SD1ncH2kf3SZXpUvQVTDY7cSCj2nQ53W6MAqtk3HSAGkvD-rebkdphC82XkL0vBsTCqjZnUi2ZSHdeqLJO_ir8aeXDHkbr74gLVjMVnDZbTXeU7Ue3Shps9ujh1PT3rbO8BFN3I982mKYV6i6TN31WmjFhROEr4vGoL2QTIkJ-kKTgxvShCXWg2UF6cNui4YjCxp273mMEJsCdWyUHmVQ1MZm3pmZqcsYwWR8Juvar70D4PS2TfPKIzgSqW32VxBx1bQY0zlvC63haNNIkG0Czr20g-QoQ3RAz81UMX_BB_q_h84x08rBEjMRKSxsLgc43KZncTMLVSMJjWVONSlV4LWrN-tXVhINOn4yN0JF5NU-mltMZkHCItDghht3HqhSTW8q0HXDHx4hlH5r5NkbTJPuC6pyFRl57-EzgNP42mrcpBStr99XS6R8z-c0I6WTEuXTepGt-JzNNW_efd1J1u2RMhbF4DnekLAJ7IIFcszmrJB8ZFPNwAZFD_Bu04iz0gH1dIteId7kUeIZbAKWZqfihSsgaMML1NpAAs1HdxyOS2I9MkbqKGK6wu5ok3iuk0vUkEdz_16yKReyb89OF8i7YL9cH7GRAYnXTamZdWMF-KjMJh76F0MY_ymMVZ3gm5nUo--fwmhmhe7VV7vJZ_S0sGwWliPPvanCNaa5sc2myfE0d_uiQWj5CLr5ZcqcKE4G_hJ34o_i5HYVVnNz_65oQ79AnbssKx5oiaj5y5wj9Ym7MQC3EYXKKfOjYfZHcjS0XFFhTmi3M_z1uschwsYqNxNjZKI-cm73KoZkanO-EROBuAudfEzT4nQR9INZ4HYQoS-U1PH7Uudr8XiHyqSZdivH-yUXuk0tLV1fISLpakBL6OZmsHg8lORbNjnT_bvAqWcuooz0HK0NmcuERMJIC9Ex5TzRov5xJ_onzp7fUSh2Zbr9BfkuZPHQ0NzMJVZKwjbp1DWamoHbFF2eZnk1J9jB4ejDsh0E59A2_DjpmZNAHEmh10NLEdv-N_fZrZkcSmC5mrtO4qgLG3F1nKRvjBLsQQW9QzNod7DH1xFbyt18fg1EOlfOGsntaWPPNgGre-JYzjiIYTA_kVOsbpZBlERu0D-66ESDHIXCHSdZGOTzbHd8QIrXgtRBMyUQ_C4UXUT2P8_av1ha-euNrhG7TR4exxxwePM-Xq26P8QaAw8BqC4iGv6SHGoPRxjuqUStcaTFe0AAgegIdbOZyrtjpdxH5N46dY5tGLlTeEysaszt1gPrRpqW8ZFRznwqA8Tcd-KcIegPceIZaSxCho5jeoDiPcSoaZqZFpwa7cfZvuzPls4Zw-XrNQodrX-1YGLThxSnmm7sYv27jLBeTNvN5d-tHHtnquAxex3A7O93xNViVJbaS8dzGI9R3uQh2XXs4vuYbAWRfHPuC4E10lAiF1xC7dLdQNad35koX30RP3VrX8uQQaZTMEqZiEaorbSSXv1kvr5QpMujX7i2m9wh1l0GWhU95HiJU2Arq76vMPm2p06xwA-E0u-R_IXgEGS6HN_hcVkHK4MU04cMI3ZodvE3p_qzaBSa9h4sX24A_prDy57mk&cid=CAASEuRocvXsL07lOHVBte7-iVCg7g&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 01:16:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame DF96 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtuIBKucVi1LbOk9ZV53YTRm2oJSOBAd5G5OXOmAWSDxFL_xdmGoHk-cobTJOO1J8Pz0VealIg1qIXUi-ppGUTFdJD5hR1yXyA8xmhHIxNFHtwj5RzqRESUaBDWnpFpmIUxmC41yVALuoZ1NFx2wVGyr_xMA&cry=1&dbm_d=AKAmf-AFptNKX6UsinVZNlawvLqXQufwIYooEThpXMXYjW2hTWKPUqHFyrVuZtoJuXRYb_uPmqp7GmVnd80tqySSBofiYLqcNp_ua5vIQYcrWw9UvemM9moHNWT3qLWWh3SGXRDDmuJq3UljHNKlzROPnp4m3ApouxHgurEjSZJfQOU58osfEt9OjUCzRT2_x9f5O0G7GCU6l4GwraT1gPeIPF6GVDCTqZ2lSvTPg9-mWUQmSOaXZ_YQR8gBONNoEBOlFTQPgwfW-unvkfr-S7JR3ZFR-L4JWIxnjWWdkfyrlaw3AfckAIHxrn7p6uz43ohcedtYY7dZHfeL_RBPROiSxg5xhMRJByaSfKT_K3rVJryv91mhTwbfIYn0ZoDEYBbBxmTg9oUnmGK52RUfEI3MyWBLXSsBQB3MNT2Xau7rW4g4-dGSM-usGZW2TiKXZxFnQ_OJxLUGlEQtJ4PcgwxXS8ktR7YNMPFCYml_fY12ps1UeqcarW42VBITZQM14J1WFWh_jnolMZyJUpz_XPcZyDI6UcZNc4QwfT3Rnkju38gua0GYtG8I810IsXNtvPvtDf7CtlWW1Vew80w8hU-ldtL4lVNXdfAQBoLbcrHn6Naqe-aYTzUNsEvSbo6ENIOCEDsbpOUqUkDNC5LcyHjt63Y2zomWQQo9Q5YsqYIKI_VZpJvu1-PM2G-p7B0aOBW3-0DNgLDk9clRiv2WzoUOrRmNP7w1TuK2S4Vd0_D9PHYO6ihnWR_f1FXiPjmY0XBehsS4beA711THWaBHodueReh306n4WjLHmyymdn6kEh1KiFqwagzyCHDcasJTXr5AQitvBdDfnH3BykyOwSjrWVlZWT3C9HY9cElE4ltcAdyXjDKHs7ug14F8ATrhfyssRLUEl7G4Xrl5pnmNfAn1j_w0NFYH6cTmJQdlx862i9xgqGCoREGhXheczH4ZRm5eccZAwpoDjxJqMrC1b3Ki1BvOpoxkwlmPGJwuLCwa71GBAJfXVbDsQ8qdp6cpie5TlQKdoqb5BZ2WEr06eQivDVTQnCcWKydEul_WYRAtLyMKs1YtuemoJR58KNnZlcLymiHvlqSLJ3u5kcsyRJ4ru2stVo_MNRKmJW0jpAZTHVjtptxo7ytAMBqEmO2iWDgSpgzxmKg9Nq2FLcE4jOSxaw8PPnOMEXdW3sbltdiVl7RqIKYevNQCWO2_sapjZNT0aPI5TqR7ECJCCDmUCeFQP5ghSnLqQ85XS-VRjFOrFy6FwLNDX4zKkzq3ovbUS-1gOjqPYk0rsqBnZrqvPV5uauxyFh_OBth5QRFlKuvjGgvew1RvMguS0c2Ha6kOwpJt4w4WjKdWxeYzABeTAiaGw06LLzVoMlsZ7sxfAtl4q5KSWl8nHeyoJwvWRoB2ZEsQzz_uyGpgGuJCpfBRPO2RaAwbve9dHGp6quB1YBVhnOKgyb8_Amlzf0Agm02PZ0W_hPfgvjEfRKHO9fMQ3QrhcLh-SDG3OiKs5iykRTYnjEHnO56ENK-BKCtxnBT7RD4CTOhws-2UBSHpFnpkne3Jq-pIuOe9ZckbZ8FrHicz9DZk79hTpy-rIe9A1STlyGpXLKk2Rx9_PByAG2b9b0CEgoVlxFSpLtBAjaVN2jUUehxPfzW7pyre95HepNzYxEk_x6mpruCmz8mIjm29kXkkKSiL8pViAEvAYVLEdfLTP92Ic92s4wgprE11uSetFEwSjxypoyB4_G-u_tS6b7yM3q82_bHGGsaxgHxCQJskgEroBv_0ns-zkoecU81uA1xuiuDgO-j74AqzFoORiPP5_0tNgkxBdiRfkUQ8A4wtmPKaPFzIi1ctBgcGXBZcIa64GGvEK4W-Pm4NcFZMN-b9ttMnQt0moKVC6nsgfMj1V_QMw3R8QU2qO1jk2IYD4eWgrVfHN1ApS15ME0lEEbiCZYIN8RcaSuA-6L5zZ57pHQQ3ot2rM79oDeWMqRL2xpfFWLnzo3w64NFxEBz56bYi3JgsV5Yn3Xh3hhp9LQ9lzCb5g-mnt-xLAxvCpwI-bcRpIXxU10dpPcAJG-usMMHSHgPzg5zP6ThWYhLNbXfA7tb581XZkkpxzXvx8rwVqSbsxgibUw7-rvARaH7dgLDgYPEgG43E7t_dKiGHkPDdxQaV2Eq-HEj7V9x1qV0V7Belbu_JhkB3laC6aVzD3nUMLOVVrFt03KDv0G1nisLNb2BMAHBqkLVr4D-LFwoAEhQBSrzBRMsUub6C_xXT1ukeh4tCqcIe8tQh3GSUp6qPBcEJTzBixiX0HIIWJ18EtHVZ4EbTKJC7U75U3-XEXFC4m8XZM9aFrphXqkSBMKhwAIDMfcDWgU0b2hj7nfb7awjdlOF2QltsaZI6b6804rOafTA1ovnSt0dhDq-tBJ7boQhMw0QtI8kMntcswsEWTwz_yuE588NM3ERhF06xSyQkosvupoQ1TYHG8HSzo4Te2440v62Xt3jnoHjm7ULSB-iX66mfL2-cpBOEX-byodPufnmsb7xdRSovDaD-bEx4Qu_eMaTb9vLwCpmOGWjggQUlH8mKeEjX8oaPazxniSwtZZWWc4dvtNpddbO-uPhqvzbuM74lOBwtfvotToun5oRjNfZBEmhEYqcDUM_btqRHMyklyoB2Udbga9esFVTZx1PIr6OH9fPEsODwLW0GdvUjgdnxqpWBOFoEn6kGvrw6y_v-BRyEpdBjHU_nt8s5SSIOpsfdyr6jNlqksB8qs2lnsuWKNI5US2gqDbAa7ZVGmebSUicSCPEsz4BD_1rQ2wrbXXvqPa9igv79cP3BWKB1fEefcxmvG7t2l5yYL4IA3wqecCDvwhLUC1d3xLelJT3hf9ey3c35fC5QE6oe-FQUp5C-E91RgIatr9h7P9PNzJAj2-Wj76zxcQkkoW5XRX0ykcpMey_vTIQA3wtmvNKll_svDex-L3muRUolVnCDq0i_mtBcSxiz0yQUDLn9td_IaHJYSEH85Hs7JLNeIEhFdeq0gvcipZ_yUF1O4_hsoGGyIxuXQVtiqDXoOnp_IrEMVIqHyHUFHCubhXLgsT4A_kbP59_chhCcO6o65-7WWI7justAAYJ0SVuLjIplFnZdHPNck0HKGn38HVK9Uiofe2KFI4pXTPVyL58pbWxz23AvDIR_WbwHEyLmRyaOG-QSeMYWqJ54AqBODvmmCPYhX8-LPLgCf8Pb2CU4Jpwugph07lKLgH0PP1VlnJWZbDgvbNb9Q6bIUzc9LY5k5xtAMoFMb-Dor9VyFvu3HjH5np6FbYSY1z0oZRkyVqSA5QVycocaRSRewF1DO7eGN8iMj79ru7acHaJVi2bTY66QaqfXur71uwmYKpPrAhf16kSLkjIztl0&cid=CAASEuRo2g1INdIRx56smm6Q-zVs1A&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:50:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DF96 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtuIBKucVi1LbOk9ZV53YTRm2oJSOBAd5G5OXOmAWSDxFL_xdmGoHk-cobTJOO1J8Pz0VealIg1qIXUi-ppGUTFdJD5hR1yXyA8xmhHIxNFHtwj5RzqRESUaBDWnpFpmIUxmC41yVALuoZ1NFx2wVGyr_xMA&cry=1&dbm_d=AKAmf-AFptNKX6UsinVZNlawvLqXQufwIYooEThpXMXYjW2hTWKPUqHFyrVuZtoJuXRYb_uPmqp7GmVnd80tqySSBofiYLqcNp_ua5vIQYcrWw9UvemM9moHNWT3qLWWh3SGXRDDmuJq3UljHNKlzROPnp4m3ApouxHgurEjSZJfQOU58osfEt9OjUCzRT2_x9f5O0G7GCU6l4GwraT1gPeIPF6GVDCTqZ2lSvTPg9-mWUQmSOaXZ_YQR8gBONNoEBOlFTQPgwfW-unvkfr-S7JR3ZFR-L4JWIxnjWWdkfyrlaw3AfckAIHxrn7p6uz43ohcedtYY7dZHfeL_RBPROiSxg5xhMRJByaSfKT_K3rVJryv91mhTwbfIYn0ZoDEYBbBxmTg9oUnmGK52RUfEI3MyWBLXSsBQB3MNT2Xau7rW4g4-dGSM-usGZW2TiKXZxFnQ_OJxLUGlEQtJ4PcgwxXS8ktR7YNMPFCYml_fY12ps1UeqcarW42VBITZQM14J1WFWh_jnolMZyJUpz_XPcZyDI6UcZNc4QwfT3Rnkju38gua0GYtG8I810IsXNtvPvtDf7CtlWW1Vew80w8hU-ldtL4lVNXdfAQBoLbcrHn6Naqe-aYTzUNsEvSbo6ENIOCEDsbpOUqUkDNC5LcyHjt63Y2zomWQQo9Q5YsqYIKI_VZpJvu1-PM2G-p7B0aOBW3-0DNgLDk9clRiv2WzoUOrRmNP7w1TuK2S4Vd0_D9PHYO6ihnWR_f1FXiPjmY0XBehsS4beA711THWaBHodueReh306n4WjLHmyymdn6kEh1KiFqwagzyCHDcasJTXr5AQitvBdDfnH3BykyOwSjrWVlZWT3C9HY9cElE4ltcAdyXjDKHs7ug14F8ATrhfyssRLUEl7G4Xrl5pnmNfAn1j_w0NFYH6cTmJQdlx862i9xgqGCoREGhXheczH4ZRm5eccZAwpoDjxJqMrC1b3Ki1BvOpoxkwlmPGJwuLCwa71GBAJfXVbDsQ8qdp6cpie5TlQKdoqb5BZ2WEr06eQivDVTQnCcWKydEul_WYRAtLyMKs1YtuemoJR58KNnZlcLymiHvlqSLJ3u5kcsyRJ4ru2stVo_MNRKmJW0jpAZTHVjtptxo7ytAMBqEmO2iWDgSpgzxmKg9Nq2FLcE4jOSxaw8PPnOMEXdW3sbltdiVl7RqIKYevNQCWO2_sapjZNT0aPI5TqR7ECJCCDmUCeFQP5ghSnLqQ85XS-VRjFOrFy6FwLNDX4zKkzq3ovbUS-1gOjqPYk0rsqBnZrqvPV5uauxyFh_OBth5QRFlKuvjGgvew1RvMguS0c2Ha6kOwpJt4w4WjKdWxeYzABeTAiaGw06LLzVoMlsZ7sxfAtl4q5KSWl8nHeyoJwvWRoB2ZEsQzz_uyGpgGuJCpfBRPO2RaAwbve9dHGp6quB1YBVhnOKgyb8_Amlzf0Agm02PZ0W_hPfgvjEfRKHO9fMQ3QrhcLh-SDG3OiKs5iykRTYnjEHnO56ENK-BKCtxnBT7RD4CTOhws-2UBSHpFnpkne3Jq-pIuOe9ZckbZ8FrHicz9DZk79hTpy-rIe9A1STlyGpXLKk2Rx9_PByAG2b9b0CEgoVlxFSpLtBAjaVN2jUUehxPfzW7pyre95HepNzYxEk_x6mpruCmz8mIjm29kXkkKSiL8pViAEvAYVLEdfLTP92Ic92s4wgprE11uSetFEwSjxypoyB4_G-u_tS6b7yM3q82_bHGGsaxgHxCQJskgEroBv_0ns-zkoecU81uA1xuiuDgO-j74AqzFoORiPP5_0tNgkxBdiRfkUQ8A4wtmPKaPFzIi1ctBgcGXBZcIa64GGvEK4W-Pm4NcFZMN-b9ttMnQt0moKVC6nsgfMj1V_QMw3R8QU2qO1jk2IYD4eWgrVfHN1ApS15ME0lEEbiCZYIN8RcaSuA-6L5zZ57pHQQ3ot2rM79oDeWMqRL2xpfFWLnzo3w64NFxEBz56bYi3JgsV5Yn3Xh3hhp9LQ9lzCb5g-mnt-xLAxvCpwI-bcRpIXxU10dpPcAJG-usMMHSHgPzg5zP6ThWYhLNbXfA7tb581XZkkpxzXvx8rwVqSbsxgibUw7-rvARaH7dgLDgYPEgG43E7t_dKiGHkPDdxQaV2Eq-HEj7V9x1qV0V7Belbu_JhkB3laC6aVzD3nUMLOVVrFt03KDv0G1nisLNb2BMAHBqkLVr4D-LFwoAEhQBSrzBRMsUub6C_xXT1ukeh4tCqcIe8tQh3GSUp6qPBcEJTzBixiX0HIIWJ18EtHVZ4EbTKJC7U75U3-XEXFC4m8XZM9aFrphXqkSBMKhwAIDMfcDWgU0b2hj7nfb7awjdlOF2QltsaZI6b6804rOafTA1ovnSt0dhDq-tBJ7boQhMw0QtI8kMntcswsEWTwz_yuE588NM3ERhF06xSyQkosvupoQ1TYHG8HSzo4Te2440v62Xt3jnoHjm7ULSB-iX66mfL2-cpBOEX-byodPufnmsb7xdRSovDaD-bEx4Qu_eMaTb9vLwCpmOGWjggQUlH8mKeEjX8oaPazxniSwtZZWWc4dvtNpddbO-uPhqvzbuM74lOBwtfvotToun5oRjNfZBEmhEYqcDUM_btqRHMyklyoB2Udbga9esFVTZx1PIr6OH9fPEsODwLW0GdvUjgdnxqpWBOFoEn6kGvrw6y_v-BRyEpdBjHU_nt8s5SSIOpsfdyr6jNlqksB8qs2lnsuWKNI5US2gqDbAa7ZVGmebSUicSCPEsz4BD_1rQ2wrbXXvqPa9igv79cP3BWKB1fEefcxmvG7t2l5yYL4IA3wqecCDvwhLUC1d3xLelJT3hf9ey3c35fC5QE6oe-FQUp5C-E91RgIatr9h7P9PNzJAj2-Wj76zxcQkkoW5XRX0ykcpMey_vTIQA3wtmvNKll_svDex-L3muRUolVnCDq0i_mtBcSxiz0yQUDLn9td_IaHJYSEH85Hs7JLNeIEhFdeq0gvcipZ_yUF1O4_hsoGGyIxuXQVtiqDXoOnp_IrEMVIqHyHUFHCubhXLgsT4A_kbP59_chhCcO6o65-7WWI7justAAYJ0SVuLjIplFnZdHPNck0HKGn38HVK9Uiofe2KFI4pXTPVyL58pbWxz23AvDIR_WbwHEyLmRyaOG-QSeMYWqJ54AqBODvmmCPYhX8-LPLgCf8Pb2CU4Jpwugph07lKLgH0PP1VlnJWZbDgvbNb9Q6bIUzc9LY5k5xtAMoFMb-Dor9VyFvu3HjH5np6FbYSY1z0oZRkyVqSA5QVycocaRSRewF1DO7eGN8iMj79ru7acHaJVi2bTY66QaqfXur71uwmYKpPrAhf16kSLkjIztl0&cid=CAASEuRo2g1INdIRx56smm6Q-zVs1A&rfl=1%2Chttps%253A%252F%252Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 01:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 01:16:07 GMT
k87fl8jofdhz
hal9000.redintelligence.net/zone/ Frame A036 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/k87fl8jofdhz?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c2145404a1bfc8481dda07b53aaa2545d82ef1a7969b2c9e5c31ba4e4f2a1382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3956
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame F480 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
96a284477ea862ee929a0a526da706281113e57ee9729c87af42bd5b22dca09b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3959
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: h.clarity.ms
URL: https://h.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:51:42 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
sodar
pagead2.googlesyndication.com/pagead/ Frame 4E7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012502&jk=817857336881988&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 4B5E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
af3789699bb73359a379541dfaeed7835267f7ba09f6325af16d16372d5d8a49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3965
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame DF96 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
df5f1fd67ccfda69061096b22f16278ec13f3d52ff8a55ecf8acbc1aad149f22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3963
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900016.redintelligence.net/ Frame A036
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e7564298fa10f7559d192433970545d81e4a415651d31ea76071e52260b87499

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
84086700293986800710580011852016
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1264
Expires
Thu, 27 Jan 2022 19:51:42 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:42 +0100
request.php
hal900029.redintelligence.net/ Frame F480
Redirect Chain
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
8d74f3699f32c43afe0a15b23cd8bc3be4bd7cbf39c4f5aa9e0620175f42e99a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
36531900264373100710584011852029
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1267
Expires
Thu, 27 Jan 2022 19:51:42 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:42 +0100
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 7384 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 19:12:14 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7453 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 14:57:35 GMT
expires
Tue, 24 Jan 2023 14:57:35 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
276847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900029.redintelligence.net/ Frame 4B5E
Redirect Chain
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e7e441f8b5158cef65b8b6a1443feba158823eb0abe5999d7838817576ba2f89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
78187200264373200710584011852029
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1266
Expires
Thu, 27 Jan 2022 19:51:42 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:42 +0100
request.php
hal900019.redintelligence.net/ Frame DF96
Redirect Chain
  • https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
7feb84cdd599e78cffba8709681115f40466782ce75fa2de81410811a47e4d4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
72058600270152600710584011852019
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1262
Expires
Thu, 27 Jan 2022 19:51:42 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:42 +0100
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 99AE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 14:57:35 GMT
expires
Tue, 24 Jan 2023 14:57:35 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
276847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4FD8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 14:57:35 GMT
expires
Tue, 24 Jan 2023 14:57:35 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
276847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CD52 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 24 Jan 2022 14:57:35 GMT
expires
Tue, 24 Jan 2023 14:57:35 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
276847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 7453 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 19:12:14 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 99AE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 19:12:14 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 4FD8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 19:12:14 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame CD52 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 19:12:14 GMT
/
adv-srv.office-partner.de/ Frame 34C9
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:43 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 60B5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=72058600270152600710584011852019&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
914 B
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac34e43db7e971d8d9def651671497edd5c06d6cb060d540fd39b2db3b099c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44846eef499255-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame DF96 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=72058600270152600710584011852019&nw=1
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
58e063eb0a661fca51c33654efd8189f45b659f484da3b5893289d89edb471ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832
8019191.fls.doubleclick.net/ Frame 7222
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832?
391 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832?
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
69792257492a864f2bb44cdae3f472d9fbfc5151c6c08fe1f0015ad35f3014df
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
expires
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900019.redintelligence.net/ Frame 940F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=64a98619d9&subid=&uid=36698ab478f9249d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9i0yzvfyYY_7A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_Q-0GPJGjsLVDhOWucPnxox8VByIHqbx5wTiwVpDsn-BjZCHJ7bh7nuCPhn1SOYyYKSvjwCrxLPDXbtvYfy3A7qb5bmJWfcezdc85RgycQSfMPOGFS0P82y8wXMngK6Y9o4BApA2y2hK9r63jyaEk2D-Y18lOnlhkKqD2shI2jL3Id4kyO8_BVcdy1k7duMkRPUIGCut3K9HtzSfQmjY4yQgYcJssK_kEj_0w9GPZ95ZzutNp7hUtNeEpOyluCcLK2f9H0SQnn5RV2txGdyxWj5lIMANKaUqp0BY2O1ZI3ykUxCjeFYFfC-XLFXPTOBjPp5_F-LXxqJVQw8zA7vQKJMWjZvxQovK-2USJmv5EOdqIG4bXdXDa4r6V5w8ST7X9NrkwDZDV8wsAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo2g1INdIRx56smm6Q-zVs1A%26sig%3DAOD64_0dsxBCa_HYa1sS9Wl0UXk5GjpvlQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BPad8uTS_g3XU9BBw10KboiHu5emigLtRZolQ7ZYr759cMVnte8P4YkvhSPaU7U7lKs3gIR2EXFAeQz9fZE8HK7pX2z4kP5UC1wQLOkjosVqhELyN45ED1BRMLiJYECSU9mjihXczI8qzippH19adSW4HZ7w%26cry%3D1%26dbm_d%3DAKAmf-BBmajfjMQYELp_YGndSgg4s62FoHDS4g8H8lmiHODzQR3Mz9u5pJXds_6NF2k_7tUFFa5wWQSegejps1rGTF-QV0yrECJtppJzrw6Pj43oFpfIfHeZdg-0nqLeevo9FLco4rirh7euZ1tr68B_FoVatyI-52aC7V2Oao16vcGxAZ0RuFDoEwX6rmMDIsuyQtrbG0Mfiwb-Hj82OpGthHvVe-WU5TKDWwBLp0JiSi4rjoGo_cA0WU3Xcjl0bmZpNOYIqOc-fgS65Q4090cq4fNVe4TkVcNUR1hiClK_SCt-zHQiaVuX0b4OBwa8F1wJCB-pv87inJ-G-OjxZVt2-XJWWHFlceqkMJEwOfltyK5heDcMDHVqr9BD5Rpoob-BlOn7dDkm7wI3T4np5tb5wrlken0W0VC4YrKT8-3MzAut1vPjDmK9nbmcShga6dFsDERAwvwy%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7628044494091&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
05fe1487ac557fda19156c504ea7fadcdb588f9c15354a130a2520297905ccb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2071
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame DF96 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=72058600270152600710584011852019&pv=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8FFB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
50279
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DF96 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9acd015edd95cb573f0ae5f0bcd03af5b7e1747a72cff936ff047f74a35f197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adv-srv.office-partner.de/ Frame 8BBE
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:43 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 79E5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=84086700293986800710580011852016&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
914 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3fa4c8a5bc361cab1a33f6260a7297c0af7ae9df4b6f7085c24ca0b98456d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44846eef4c9255-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame A036 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=84086700293986800710580011852016&nw=1
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
0095190a28d2940781e4dcd5b52c8a0630599b24089f6e37357ec28993492310

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1230
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747
8019191.fls.doubleclick.net/ Frame A923
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747?
391 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747?
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
f025fe6c50add0fde44ebb2d6469026294e09df9f02e813ae66990eb38553658
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
expires
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900016.redintelligence.net/ Frame D1A6 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=a22a3d74e8&subid=&uid=898f77e375ddd3c8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuDkUzvfyYYz7A463x_APuP-jyAiP4PiGU_2xi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSiAk_QvDJqxIviC0z0F0tXFRSlfrJ91PYAIWEi_C5XJaIM5WcCCL8dvYQC3gr1H6J15hN3DRa0K0Ex3WHWWWFTFBj_x2vQ1GH-vmCi-QGc6gGdWKgyv-qLW2JrMmzp7qI87rsaBMsPSxKMFvsaBFQEtMA3j0WJBulgah9FFYDIicLqqHsRXwINz6bFDI8E1ylyBCqKRpTV1HzfyF8ZSy8hdbpGl9vJIQZviuouF3o3YLmQR0rJcJ-YK4ae56RbzV1nmcDPu5vaqjRND3ErBYS1jSCYxI8oV7f4WvQ2YPE0YdioYPBJz1pguvPFlx0FMBDk_YTe3CILodbBAovj4PEmt07R34VHuOl1UbAZxqrCvAJ1xyeBmsLw2IZpoSDcDseKHFuTwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoDPtqKqS-7bGY96v0pFv2SQ%26sig%3DAOD64_0ywsW9O_4qaup8bT7tOgLekg2tJg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-DxGJ1i4YTl-x1IqCkks_0e_JvV4qMGAFHmLofYaHEioEO5kBIglEqX9vvMHsrOtbsoNGDDgGMsSpz_OllAWc9txWFaq8ntd3406jtjDBV9BVCgSP8f7sHodxQsCrhtT0P6GH4gb6qfmM5S5BjqMM9ZyNM8vA%26cry%3D1%26dbm_d%3DAKAmf-B6ekJDcQzqDIzfrpf1_IMc9jIBKsfOrSHlVvRJSBtqHIx1WAAXY7SBBnCXhvkYhg4cZaSzLgBcIJ2-8NaLPB_gIlpkITiITeWhuOXt0ZnJvRxADaQoNGASg2mr9TaYQtjZkKEkoaKgUPKOPTctvIwOGQIi1jZvMPh1FZyMRHrCdmfGs6M8cLdh6HG0fZJEUoFhakpsvruyy1MSZD6FQpFpBia7L4DsLI0CACm8FLtnqef05Ra9n8gieVDMbeAdk0a0Mu2KrZkohD3bBk6y3dP0XhYXkVOZ3AawDU_NUZf_Cd2kEfSiyiy5fYcpbcn-geCTradaCMsU-kk0hTd37J0UyBXQ7KtimsuaKce-gPKxSV6gxHqyANhjYl3Z_FfEuLGzsKFZJ-Qy3O6TRpO4Q91idiCmhZfoTGQKN4HOoeE7nUoWwfMj61cuBUjzGmyuH8pZMF0q%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=9907265550868&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
db7ffea7471550902c7fa76cbec0dda208aae42c53f5943357b818a32bab7b03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2108
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame A036 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=84086700293986800710580011852016&pv=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 10F9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
50279
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A036 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abd0a2a3951acb61f5a64e107ae988dc241dc1349d673022c2c29550c515115a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 940F 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:17:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:43 GMT
/
hal9000.redintelligence.net/scale/ Frame 940F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 940F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 940F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5c6383f08e5317a952ef5c37aee1f8d8d5f1dfb7d76ce4411adc595fca9b403a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
/
adv-srv.office-partner.de/ Frame B9B1
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:43 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame D748
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=78187200264373200710584011852029&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
914 B
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ed8a6c81b5024d2704f2fdd563396ca33d32d1acc6374d0283b96f6410973c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44846f78b59255-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 4B5E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=78187200264373200710584011852029&nw=1
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8855020c59934063055b4b43c3a84bbd31ad9846d58ef5575f148d23f3565924

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326
8019191.fls.doubleclick.net/ Frame DEDC
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326?
391 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326?
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
2f12626fad6bfa76f3fbc1d7afd6f1a4ae7d398e1e18d5f04c106338eafbd1e8
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
expires
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900029.redintelligence.net/ Frame 7025 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=2f38a35ca8&subid=&uid=90215938abc8cae0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUgyDzvfyYY37A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QaNG8SIJrkLM8lZgylVpKyp6Z5oVdLkPv0Kf1nEaFaZAPHZ2xN8OQidyooxikc-Yo2T1mvVpDvjapBaqvIJbS3AaVTci8eojYF62ZUBifIUQxIcDlEO8Vl8RavOXa4ICIKhAVEL3KySrGwnnqOxPbPgGxRrMXpPto9OGz5CLCXUkPq2tszO54O5fazqTF05xzvePmNLWwKQuOe3EGWR0N5J6yZYzqBBgqfNUCMAMVBErneT_776apV1PH7eyh4ENgMRwcg4NNGwXyddPSbsO4lq1HUdiKY3loNmT1mzcbDojdsmbL8iPVMHhy08KuNN_Dw3TYjE_cbsXIRddnZIq76y0Ksh-4TftPGSkft9Uo0iQkykjNi3JOlNnowfXmPfjtvnVEx0voLMAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRocvXsL07lOHVBte7-iVCg7g%26sig%3DAOD64_1wmEePTTehHsVxntRRRF5_ECULAQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-BtLFytZSyK8vHo7567bFD5pAHcwa4Sxrp9PGBvpS9vGCtazl_FWf6CC6jHVKs7-6EQFQNbSS1uM7e0xNT6_5R3f1SxGsh6Sj5_mzJzvGaYayp-JucD_3NM6kUfRLKvzQ6cLoHsQNRgIWshOq3CUoWWfnAWWA%26cry%3D1%26dbm_d%3DAKAmf-CrHImQy791fBFTHqKspXe2PWt2x9Al3ugTka2l5OvjxNuHZVBtC9z5ACZRGMLbtSAfG1ONTWw9VHS1d-V1cHF2uyuLB25oBMnOo_bkfzN3jT-vWOcuDTbdrFmpmHGne6Y4zXVLyFv96zAb8PAATqehMD0bna1GGOi6Z318o7b19ydfNIXYBYLTsCP456YiCQBh66VHRl5ZBK9mLcKr6xRvicYYyV2w9Z1UPICsYyl3xRLwxWGLMwpwJU4H668agH5FVwW-bnjQgn9nZzma-CYs4fxPyHJitygwCXrQE1viRztciQpMo8Vzi8ZRzgLCMwpRI4aS5WLwJE-eXdEo4SVsWjm5iWBGCPRBVz84MjN9ZZwOsfgn0XsH4aDkXW3rbKVhKK1kZ_QpO6qFvFy_093K-4qM5c2wQUJ5DlAfgT5s9o2G4xLpJltnEhvcTElk0vTeeyxH%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=8616192596090&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
36ab84ab7119ffd8d908a6a06443eb7b42b186477155f074b02d68c46eec475a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2062
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 4B5E 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=78187200264373200710584011852029&pv=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F42E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
50279
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4B5E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e46212cd0f9da83e734a895a263e97080d0cd2b2081a96eeebb74a795b0fac5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adv-srv.office-partner.de/ Frame 8C85
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:43 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 10F5
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=36531900264373100710584011852029&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
914 B
681 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e870ce23282b564f095c397a820b2ad18f248eae583bea3e3c6d7b7b6ed61c11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44846fb93c9255-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame F480 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=36531900264373100710584011852029&nw=1
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
920695c41fe01f96cfcdfce8a87d0bf2557fc117938c1386eff463f0916104aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355
8019191.fls.doubleclick.net/ Frame 8117
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355?
Requested by
Host: feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
e465095c743402e7c944b168ba9c370857d6d81019a645b653d1afd448f0f00e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
expires
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900029.redintelligence.net/ Frame 99B4 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=0c1abca926&subid=&uid=df5bd1ac7f20d44e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGmotzvfyYY77A463x_APuP-jyAiP4PiGU_Woi6TKDPAuEAEg0L_uOGCV4pCCoAfIAQmpAqZMXYN9ubI-qAMBqgSpAk_QrtK6no_BajgEw9UEX88agZ4sGyKnX-lSCEsW81CplluJo-prKhBPy4PQiPUdmRnYsJj0XntY2SbkDRpHaRLca-rrkRc3lrazRBUXi8dl3Woi26etasSTbnV9RqaHAA-Ce4sG4Ewoh13GmAILTNtfQPRI5o7yW5J9cNz4m3vCjcFeuBmiocDsGXBx0gNUJUnW9ut8qyZOOcYxI1s0zKYnM8HLQjjRr0DT3McskTWz8LzZxcvQdAp0OLrrnnVarDl7sjMIIfS_BrWbOUFSynlGFx-LLLxUq9zaf-K2VswWbTr8BrVj1RnSbmfXzL7UxbzSphgnUlYyrBcUHXoEQB-azvOF_Wb4_H-kX3NPGsy54kUbM4RMQvX3vNa-L5vczhh0qLNmIiy7kcAEu_GowM8B4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoLnAAkDQSe73Ywxf5KBZybw%26sig%3DAOD64_2mwGfX0HVdOZLV1p9CKeOmh-HXuA%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-A7pI_h5WkzPAkjgXPL1nHUrEmIdQGZwijBU7O599IxPKtyurGXuYgK72DqLSywORddH8oOFj6anCIjOvZSPtd2gFZktUf8iGKpZUG4i8Yr_8_aaVjLiCM-iiBflbtl7U4NRbYV9MoG8FjZ4bEXtZBCd4-kOg%26cry%3D1%26dbm_d%3DAKAmf-A-ymzTcvpRRAzVse_v0nX9mi-VnqthcHoLnEJ85jKoKvpiUVv6BPs-Hqoj-rx1vG8A5AzFm6T37QJiyPJF22eWmUJCuNkH4B44lA8CPJU2tk9EsZimmhDeyBjXcASNA10Edt9NvMsKN6DwutEkbBNUyzESiJ-xo-3bWQ0mQSQgQLA1JOjlLMfjcHHapMaDJ64S-nJseMYxz8W4RXmS533weBGE-hOU9j-p9svFfDSfAAekXgowomSpMXXF5poGaiLmfBMQJ4CY5KzURtXxOynt_cMAUFI45E0fWmGoJnXK-UtQhMG3BOC86X_A5GFccVwR8-n0VeQuceoZS-cViYrOb2wyzx3Ach5DgEbLfZJn7vOWnN7iFkN5bVvFsIuk-XcHHTcojPvflhMblUe3MBvMJmSUIuhoRdxKO1x5qsNw_3p-IDT-RzNAHtuQLsKDpvrYkAOS%26adurl%3D&documentReferer=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br%2F&ancestorOrigins=https%3A%2F%2Ffeature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br&random=7602073447925&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
d690a719026df37a9a0e96e6fa42fd9bfa669716a0540f05678f15e96755a348

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2061
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame F480 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=36531900264373100710584011852029&pv=1
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-94-3.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1E19 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 05:53:44 GMT
expires
Fri, 28 Jan 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
50279
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F480 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
791e160431d75b016c83351fccc4b8d95ee926011ba1f19d97c2c39f5d38863c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 7384 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HKotdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame D1A6 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:36:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:43 GMT
/
hal9000.redintelligence.net/scale/ Frame D1A6 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame D1A6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame D1A6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5c6383f08e5317a952ef5c37aee1f8d8d5f1dfb7d76ce4411adc595fca9b403a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900019.redintelligence.net/ Frame 940F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=72058600270152600710584011852019&a=5577cfc1&vb=m
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/request_content.php?s=72058600270152600710584011852019&a=1d7891a2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 940F 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900019.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options
nosniff
age
252730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 940F 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900019.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options
nosniff
age
104116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:56:27 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 79E5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484712cab9255-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 79E5 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484712caf9255-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 79E5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44847199f48fd0-FRA
pixel
cm.g.doubleclick.net/ Frame 8FFB
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ6zGSJuqn9oIHx-oL6QpLEDUNi1lVaARqb-4H...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZMM3p3QUFCT1NZZkhPaw&google_push=AYg5qPJ6zGSJuqn9oIHx-oL6QpLEDUNi1lVaARqb-4HwccI0h0theA6RGxOUI32TNruYh4jVLFo2gra1kKJsh2m6j-06LwuO9RE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZMM3p3QUFCT1NZZkhPaw&google_push=AYg5qPJ6zGSJuqn9oIHx-oL6QpLEDUNi1lVaARqb-4HwccI0h0theA6RGxOUI32TNruYh4jVLFo2gra1kKJsh2m6j-06LwuO9RE
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZMM3p3QUFCT1NZZkhPaw&google_push=AYg5qPJ6zGSJuqn9oIHx-oL6QpLEDUNi1lVaARqb-4HwccI0h0theA6RGxOUI32TNruYh4jVLFo2gra1kKJsh2m6j-06LwuO9RE
Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 8FFB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDcxRmZtUmMxTmRhTzM1&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cver=1&google_push=AYg5qPKfsd119p4OurOGJ8OPyJWBceSwG6z4kzgjAQC88e_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDcxRmZtUmMxTmRhTzM1&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cver=1&google_push=AYg5qPKfsd119p4OurOGJ8OPyJWBceSwG6z4kzgjAQC88e_nLzNTK2LkjHHZZImiAWScBYuTioeVT-qqo5Ms7Zu7zoolcLBRVw
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:42 GMT
Server
PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-01aea22bac6ef85ce@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDcxRmZtUmMxTmRhTzM1&google_gid=CAESEB5gS7r77xKcnKz7Zu-P5O4&google_cver=1&google_push=AYg5qPKfsd119p4OurOGJ8OPyJWBceSwG6z4kzgjAQC88e_nLzNTK2LkjHHZZImiAWScBYuTioeVT-qqo5Ms7Zu7zoolcLBRVw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FFB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHAf5vCGi9ISIX_umxii-g0&google_cver=1&google_push=AYg5qPKDGdZbSh0TTHDad2H2qxQ0brjYIXjIMdrUJrK0RqMrEOa6eNXdHytQNjkWRdo_x8XEHlDtlBZRv88aOlfiTpIWcIWXTw
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKDGdZbSh0TTHDad2H2qxQ0brjYIXjIMdrUJrK0RqMrEOa6eNXdHytQNjkWRdo_x8XEHlDtlBZRv88aOlfiTpIWcIWXTw&google_hm=NTcyMTgxODMyMDcxNzM4NjUx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKDGdZbSh0TTHDad2H2qxQ0brjYIXjIMdrUJrK0RqMrEOa6eNXdHytQNjkWRdo_x8XEHlDtlBZRv88aOlfiTpIWcIWXTw&google_hm=NTcyMTgxODMyMDcxNzM4NjUxMA%3D%3D
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:51:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKDGdZbSh0TTHDad2H2qxQ0brjYIXjIMdrUJrK0RqMrEOa6eNXdHytQNjkWRdo_x8XEHlDtlBZRv88aOlfiTpIWcIWXTw&google_hm=NTcyMTgxODMyMDcxNzM4NjUxMA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 8FFB 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEK_cWXzkynrbvj9xWJX-RO4&google_cver=1&google_push=AYg5qPIJInJ4BNVZFfVnqqcaOreJv2ety_oZcjM2nMBv4ffdFzHt3DSpsjTay9G8_Xdxe6IeiNCj91S4ND39YwCl4Q8bYUFTgnk
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:51:43 GMT
pixel
cm.g.doubleclick.net/ Frame 8FFB
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAEohqtqrPuZ8gI08zsdTPg&google_cver=1&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAEohqtqrPuZ8gI08zsdTPg&google_cver=1&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbL...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS0Bh0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS0Bh0
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ0sg5X2n0ojoEUmsGo1TARExI6MIJ2JZvw_Iw_TV-PTcg2dPwGACi8wbQyOExfWCV5hngcKHwbzZHgfzfSv3zbLZS0Bh0
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8FFB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEMJjIWDkZiVogAFwGat2GY&google_cver=1&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4L...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEMJjIWDkZiVogAFwGat2GY&google_cver=1&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4L...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4Lvbwung3noc&google_hm=e8371f7b4dcc943aa06bd45f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4Lvbwung3noc&google_hm=e8371f7b4dcc943aa06bd45f
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:44 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLhv89LQTgB2F-2bwI65M3lAUg2uaB-ccAf_N2BGu_q-tjjfHIzmH09vLQ_rw5-v7v4MAXh5XUtv-Wktt-4Lvbwung3noc&google_hm=e8371f7b4dcc943aa06bd45f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 8FFB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENVCANAw7oEh2Ux6BTJkXaM&google_cver=1&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyMzkyMTg0NTkyNjAyMTcwODgxOQ%3D%3D&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyMzkyMTg0NTkyNjAyMTcwODgxOQ%3D%3D&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkyMzkyMTg0NTkyNjAyMTcwODgxOQ%3D%3D&google_push=AYg5qPK6ZWA2ckgI1L8aAulaiq013bj5b6huc-3M3HWHw2t9ja5l4vRWviowMYEuMhdJuBt-ZjwQT9bvF__X7MMH4-uSPVadSDY
date
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 8FFB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kfk4AbjcNELXpZx01Gut03WQmiJaCSveuQHbuAs4vR4Vr4G3kXFtQu4DSu28xS6HG-YBkC
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 7025 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:24:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:43 GMT
/
hal9000.redintelligence.net/scale/ Frame 7025 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7025 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7025 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5c6383f08e5317a952ef5c37aee1f8d8d5f1dfb7d76ce4411adc595fca9b403a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame DF96 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=72058600270152600710584011852019&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3157923491f1e8705fd766b0cf62e414.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59497
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
PYNUXdb2Yr0YrNuBFO7caQbJELqexOvMrVnhA_NzPLWPsVTA3lI-qg==
link.html
track.webgains.com/ Frame DF96 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=88346700238985400710624011852007&wglinkid=498343
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 60B5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484713cd99255-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 60B5 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484713cde9255-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 60B5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44847199f68fd0-FRA
css
fonts.googleapis.com/ Frame 99B4 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:23:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:43 GMT
/
hal9000.redintelligence.net/scale/ Frame 99B4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 99B4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 99B4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5c6383f08e5317a952ef5c37aee1f8d8d5f1dfb7d76ce4411adc595fca9b403a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 34C9 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31994
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:43 GMT
gtm.js
www.googletagmanager.com/ Frame 8BBE 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a422c64bd8fab59b3ab1c52236045a176023a6cc43cebb3d5127e7754d3db2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31990
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:43 GMT
dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832
adservice.google.com/ddm/fls/z/ Frame 7222 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CInfkq7a0vUCFRLkGwod9v8D6w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6946995287923.832?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747
adservice.google.com/ddm/fls/z/ Frame A923 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJrgkq7a0vUCFRIUGwodO0IKlA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6133124482127.747?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame D748 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484714d0b9255-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame D748 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484714d0f9255-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame D748 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44847199fa8fd0-FRA
pvClk.min.js
analytics.webgains.io/ Frame A036 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=84086700293986800710580011852016&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3157923491f1e8705fd766b0cf62e414.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59497
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
bBKdxqIfiLB3jIb4he7aaQZVC_F4klZylcPs34fBIeme7BEY0-HQ3A==
link.html
track.webgains.com/ Frame A036 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=39729900248194900710592011852030&wglinkid=498343
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326
adservice.google.com/ddm/fls/z/ Frame DEDC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CK3YmK7a0vUCFQ6nGwodZ9gOSg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9898330033061.326?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 10F5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484716d8b9255-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 10F5 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36559
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d4484716d919255-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 10F5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44847199fc8fd0-FRA
dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355
adservice.google.com/ddm/fls/z/ Frame 8117 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CN6cma7a0vUCFcceGwodIWIB2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7971482370097.355?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:43 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame B9B1 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a422c64bd8fab59b3ab1c52236045a176023a6cc43cebb3d5127e7754d3db2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31990
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:43 GMT
gtm.js
www.googletagmanager.com/ Frame 8C85 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9d9a742fbfb92e5cb9d4d5a806b9826c0384534c510bd2384c9d60a67a1c16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31993
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:43 GMT
pvClk.min.js
analytics.webgains.io/ Frame 4B5E 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=78187200264373200710584011852029&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3157923491f1e8705fd766b0cf62e414.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59497
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
HXK1SsrYthMnhBkn2LVR52yxq4TUt2NRDPbrKnC-wGE15RiJL2desQ==
link.html
track.webgains.com/ Frame 4B5E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=55020000266650000714178011852019&wglinkid=2513135
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame F480 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=36531900264373100710584011852029&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3157923491f1e8705fd766b0cf62e414.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59497
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
B0__W5RYEVAOhsvXvqaGpTvIJKzvo1RSrHZl2Is9-UcsMUh4IhtpiA==
link.html
track.webgains.com/ Frame F480 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=30701200265800600710626011852005&wglinkid=2513135
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:43 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 10F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1&google_push=AYg5qPJrRlrFmfLEerGxJ0CJAZr_to_NgHjJcWp7eU1ylo4CnnP2HEJ9M1ORGIPYOJjmFEGXyZkpXwjhzqylRTrVPcTTU3R1wXzcpA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY5OTg4ODMxNjA3NTY1MDUzOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 10F9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENXDOZRVAXR12bDEfF_LXAM&google_cver=1&google_push=AYg5qPL6oed1l41VL-8GZtkkHfxlroZE6sTX09zWW3Oirjgzu6v_u_12QnNM2scfRQIgpf9W_qFD5mv8u-R5dAll...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL6oed1l41VL-8GZtkkHfxlroZE6sTX09zWW3Oirjgzu6v_u_12QnNM2scfRQIgpf9W_qFD5mv8u-R5dAllxOsk2oky_rx9kQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL6oed1l41VL-8GZtkkHfxlroZE6sTX09zWW3Oirjgzu6v_u_12QnNM2scfRQIgpf9W_qFD5mv8u-R5dAllxOsk2oky_rx9kQ
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL6oed1l41VL-8GZtkkHfxlroZE6sTX09zWW3Oirjgzu6v_u_12QnNM2scfRQIgpf9W_qFD5mv8u-R5dAllxOsk2oky_rx9kQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:42 GMT
pixel
cm.g.doubleclick.net/ Frame 10F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIWpOi13WVeCTVVpfYVnz_A&google_push=AYg5qPLoKdSu85qmOgv6JkKQ75lryQzYXJ16s91sXryJBOfr_YJJEsDRco...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIWpOi13WVeCTVVpfYVnz_A&google_push=AYg5qPLoKdSu85qmOgv6JkKQ75lryQzYXJ16s91sXryJBOfr_YJJEsDRcoa_MIRmSJ7Qbk72ioD5VGBmuoA0ZMYlvz7rrqTn3vLiDw
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643313104.676195,VS0,VE93
x-served-by
cache-hhn4080-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIWpOi13WVeCTVVpfYVnz_A&google_push=AYg5qPLoKdSu85qmOgv6JkKQ75lryQzYXJ16s91sXryJBOfr_YJJEsDRcoa_MIRmSJ7Qbk72ioD5VGBmuoA0ZMYlvz7rrqTn3vLiDw
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
dds
rtb.openx.net/sync/ Frame 10F9 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH3Md974CxzXF_Rv8ZEcFIo&google_cver=1&google_push=AYg5qPIdkmwjCC5A3n-NXQdQeoLV48v6swAxi4XYGJh-zXv_389f09Vg_LeuAc-QAcG82aaOVT9fXnDhwesCghNtm_5pdYS0SbFHIw
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ejrdir5gka59da2trmaf54rcenetq4am
pixel
cm.g.doubleclick.net/ Frame 10F9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DfaDtJpdSSGRcTCpdRMSSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DfaDtJpdSSGRcTCpdRMSSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJfQXu1XkEmiG3iDcxuWclZla8B6QSXpC_xDe-SLsxkD35VvKEssklqXGV9Wtw-S646vUcV13fztheEpJW9nUvq3UTNB6xyuA
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DfaDtJpdSSGRcTCpdRMSSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJfQXu1XkEmiG3iDcxuWclZla8B6QSXpC_xDe-SLsxkD35VvKEssklqXGV9Wtw-S646vUcV13fztheEpJW9nUvq3UTNB6xyuA
date
Thu, 27 Jan 2022 19:51:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 10F9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIg1uUGQ9rZZFJWwDIurgFY&google_cver=1&google_push=AYg5qPJXCl2YVdQk0vZ08M4aUur34hPGwi1wi1ulubotgP4Zo0oMQcCJ2xNXs5anH6k9rZkaTgF...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZYV0QtVC1GNDVY&google_push=AYg5qPJXCl2YVdQk0vZ08M4aUur34hPGwi1wi1ulubotgP4Zo0oMQcCJ2xNXs5anH6k9rZkaTgFyFucQJtvpF09jglBLnS4s-mgf9w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZYV0QtVC1GNDVY&google_push=AYg5qPJXCl2YVdQk0vZ08M4aUur34hPGwi1wi1ulubotgP4Zo0oMQcCJ2xNXs5anH6k9rZkaTgFyFucQJtvpF09jglBLnS4s-mgf9w
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZYV0QtVC1GNDVY&google_push=AYg5qPJXCl2YVdQk0vZ08M4aUur34hPGwi1wi1ulubotgP4Zo0oMQcCJ2xNXs5anH6k9rZkaTgFyFucQJtvpF09jglBLnS4s-mgf9w
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 10F9
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR33VfLnfQ-s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR33VfLnfQ-sR_5M42TL3n_2jaX_OhlWUc6jUHwrmiszpMiw
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPKxC1WfXStLY_U_dkSn7OEwzZkuWS2kqfZ-ytvTkZODSt-R00cR33VfLnfQ-sR_5M42TL3n_2jaX_OhlWUc6jUHwrmiszpMiw
date
Thu, 27 Jan 2022 19:51:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 10F9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGQfrcIEAg6HIbUnjmD0lQdjWqltA7ddRn4CbM0VY-tZOn70WCLoquV55qxqVMU3wTmTLXKQ
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900016.redintelligence.net/ Frame D1A6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=84086700293986800710580011852016&a=4c3fcc35&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=84086700293986800710580011852016&a=9c0156f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012502&jk=817857336881988&bg=!jY6ljsrNAAY6OBv_Ojg7ACkAdvg8WjktSRgb_W28PcJHERukZGEIUbuMEnmAeMI-tPklRHBaH1j7FAIAAAKJUgAAAANoAQeZAtNdpyw_GIJWtWNpM01wQTPy_SaPDDYJhluyfWZ545boYgzih4mLKU-PWXOLThRGskVSGzMmnjOkqEiD36UIz98KEw8yQiVXcKhhyMTYX04bLgK1NBoDwuiyILOGY-pWFojkKjnW__xvFdFFBi7fkaxAaFdlzaLNaraWMGiXqIrLhduzp1L4bNnso2tMs2YfVExnuKUVYv9eN0eBWShSGizdB2-yzNAXeX5Ve63cliI8RTJMAZlZDiP-FeJFgQLadySGy6E6HXDdWUnxzji7iU2Y5fp_5pY8we6I744ImSZXpWkKJLtTOKTnlTTwlYEE-fgzcwo5XPv3iYkIekxBA2aTbv2AD1BnFt5WbMRHFkWJ7zgKEWyV6rTJW1UzydPfge74z6__VYJ2q1lhOVO35PHgQePMkRZSmcviogp1r3J0hRiZ9iHMs8MSTAh6CVf6FqIcETeTEvJv7Ng-L58JllcuNOneMoo_tt-rrJ9-nI9uX_DxRgsTVbJibM4LtYlp3U9IXby1ZCVwXbiw0sIRGNmmBDydTdfIqEqyYfb82H_Ox3fSMTfnDsj6cgiaUfTxW0E8tT1wLauZ2y-grWdtFHi7wCzd2OT9ofbWwg8IjB50lQSkRTlnVFf52fa_igPeltpXQAtnUuXTjzIYzp3t3VWLml3hQP1dtWOUrFu7I2cVK544RKUWAnIzIqH-BM16EFgYWkep8xfgw0DpMwLw_lEBPp7w892cznoUqermZ_IW1M2miTN2yTKlnA6XvQ8Q4vl53LKT5aNRLKL030bLPJUp16718os165oTUtzC4QH8zs9lFzu4Nir5LOCKOtiJWqa4UXe9Rn7h7yq20JvI80qRoCQegVG_a3MO03bpZkGKoxvOHSAjj0w5OYv93G4c-aGLwkVeIW4IXovqEffJuy0RerfDQhsdTL9ExsvRUmJdGP-S9gInuS6ycKwYMcAbk9iDd8E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F42E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1&google_push=AYg5qPIdISCTxPf9nJqFdhp6QnPvZs3lNgMXhitIewR9Pu81dtP2SbAvy97dTpKMmd-j2RoCsWPkm5c9xLUSgNGc17v2puOhSVxq
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODY5OTg4ODMxNjA3NTY1MDUzOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEGTNus-1qF4SOwdexaOFSc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F42E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENXDOZRVAXR12bDEfF_LXAM&google_cver=1&google_push=AYg5qPI6RutnqzV2sD0DFPZDGNIk6WEggE7hpb4pMe-XOxAuyEWNmMRgTa_r-8ZeKfINnnqchWpE1FhbxMg1pPun...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI6RutnqzV2sD0DFPZDGNIk6WEggE7hpb4pMe-XOxAuyEWNmMRgTa_r-8ZeKfINnnqchWpE1FhbxMg1pPunInBn1iSJ00o
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI6RutnqzV2sD0DFPZDGNIk6WEggE7hpb4pMe-XOxAuyEWNmMRgTa_r-8ZeKfINnnqchWpE1FhbxMg1pPunInBn1iSJ00o
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI6RutnqzV2sD0DFPZDGNIk6WEggE7hpb4pMe-XOxAuyEWNmMRgTa_r-8ZeKfINnnqchWpE1FhbxMg1pPunInBn1iSJ00o
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:42 GMT
google
match.adsrvr.org/track/cmf/ Frame F42E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIRz1DHVG4aO0wKze6GQ8Ys&google_cver=1&google_push=AYg5qPKgGFaObmSkVwIW0i-FBlKcJQ-uVi8EBHK7yuzy5-yrGnqjnN3fOoyjs4r0yEIVuiNtYMlFU0eVJJeg5TpdKBBa3Jq5V8E
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dds
rtb.openx.net/sync/ Frame F42E 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH3Md974CxzXF_Rv8ZEcFIo&google_cver=1&google_push=AYg5qPKuzoplwQtZ_sJJw8aTje5VnEupTIWLepdCkQKnOoQELkfHt6uOJ4qSScCtVFHn3AuMXvbSlN1wUq2rH7uOJK8liDniy1gz
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:42 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
csge5pl181f7gn3la5g9u51tp48k7lvg
pixel
cm.g.doubleclick.net/ Frame F42E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aooziRcoQEyVgJz1tFV8Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aooziRcoQEyVgJz1tFV8Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcA9TVheUALM-IOz2CR-o_62tIEzlfWiA33lFBj6ISvB-bChhqmIiwX_JVIlSkkT3-EoW6t7sS04quOpZD_5CH4xtYGbmr
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aooziRcoQEyVgJz1tFV8Xw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcA9TVheUALM-IOz2CR-o_62tIEzlfWiA33lFBj6ISvB-bChhqmIiwX_JVIlSkkT3-EoW6t7sS04quOpZD_5CH4xtYGbmr
date
Thu, 27 Jan 2022 19:51:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F42E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-Otlcs...
0
0
pixel
cm.g.doubleclick.net/ Frame F42E
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESENvGmm6sBnFTSShVPD0Oi0A&google_cver=1&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
0
0
attr
cm.g.doubleclick.net/pixel/ Frame F42E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LM5fFzZkXxP9aXk3_Xe24nxtRIIPA6-havSekXFeJbOIba_sWAIZXfqqJewITAEugq7tND
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
google
match.adsrvr.org/track/cmf/ Frame 1E19 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIRz1DHVG4aO0wKze6GQ8Ys&google_cver=1&google_push=AYg5qPK-5ui47sKljI6JhWsCUqNBab5WFpagMQRT-pflYJ2bAdRjrNbiWnn1-7GwR7dPCN2TpAZHxfAQbHUXHh1HDwBeELaNDzte7w
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1E19 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECYiVRNbLC0CIA3DHxobfQI&google_cver=1&google_push=AYg5qPLDnNyUa-ncgj20SukuY1SvvKfjKe7xlHg7FZp_XGfoO5b9Cbib8abbXAPuMt4vf4qnaTMaqQ3GG0SWSf8YPjE52_VWnnkvUg
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.170 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 1E19
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEM2a3Xf1iKJWGpOAY5YVqE4&google_cver=1&google_push=AYg5qPKOHsOm4R971yBqkprUun4CdpIdeImdfQoqWd2kbBw6YdQ1IQ6KsnPvWYSYnG7hk7ewhWdsegXbKVH2yA...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAzNDQ5MDM4MjQ3OQ%3D%3D&google_push=AYg5qPKOHsOm4R971yBqkprUun4CdpIdeImdfQoqWd2kbBw6YdQ1IQ6KsnPvWYSYnG7hk7ewhWdsegXbKVH2yA7wOF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAzNDQ5MDM4MjQ3OQ%3D%3D&google_push=AYg5qPKOHsOm4R971yBqkprUun4CdpIdeImdfQoqWd2kbBw6YdQ1IQ6KsnPvWYSYnG7hk7ewhWdsegXbKVH2yA7wOFGozuNOjNmvXQ
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAzNDQ5MDM4MjQ3OQ%3D%3D&google_push=AYg5qPKOHsOm4R971yBqkprUun4CdpIdeImdfQoqWd2kbBw6YdQ1IQ6KsnPvWYSYnG7hk7ewhWdsegXbKVH2yA7wOFGozuNOjNmvXQ
Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 1E19
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zZyAS7P3SWiy8MX00VVB3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zZyAS7P3SWiy8MX00VVB3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuq4wJrkVm7Ncp1S9SZbpKCJ5j06gAumCZ0Ww1dqzMTYZ4UeU_7RWEriuLiRH4LMWSwO3yzEyhOxlJHm0OeTScMtQoR3JrnA
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zZyAS7P3SWiy8MX00VVB3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuq4wJrkVm7Ncp1S9SZbpKCJ5j06gAumCZ0Ww1dqzMTYZ4UeU_7RWEriuLiRH4LMWSwO3yzEyhOxlJHm0OeTScMtQoR3JrnA
date
Thu, 27 Jan 2022 19:51:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1E19
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKs...
0
0
sync
ssbsync.smartadserver.com/api/ Frame 1E19 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGIShQ_Dx74Osj6QmM4qsTg&google_cver=1&google_push=AYg5qPIgd4JLby2VLxWUzDhlyTHy3qdnef5LQVYCfYXNbjnuOqPDUFerixZzYuk2xfDMy9AunlCzrWUVZACbr6Fuc9fEpa3WVgne
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1E19
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8Ld...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGuvByH8wDf4oqGaFKckaSM&google_cver=1&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8LdwdRmL4qKv_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8LdwdRmL4qKv_wbzr9SP1Kxuv_Ev9Xtor0J-KSow_mvwegrxQ
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4Y2FjYjg1NS03ZmFhLTExZWMtODcwMy0wNjQ2OTg0OWQ0YWU%3D&google_push=AYg5qPLmzaLPcmGlX-C9ck6EbD5wHskzV9EuU3ddDjelGaRRF2_2o8LdwdRmL4qKv_wbzr9SP1Kxuv_Ev9Xtor0J-KSow_mvwegrxQ
date
Thu, 27 Jan 2022 19:51:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 1E19 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KuQQhH46QyVQf0khebYXuHwfryxDZqLtayD5ksBtpaT-LQfeec2fed-Hj8FNeB9Gbqsfx-Zg
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900029.redintelligence.net/ Frame 7025 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=78187200264373200710584011852029&a=f77cc5db&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=78187200264373200710584011852029&a=81bf6bc2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7025 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options
nosniff
age
252730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7025 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options
nosniff
age
104116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:56:27 GMT
viewability
hal900029.redintelligence.net/ Frame 99B4 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=36531900264373100710584011852029&a=e81c560e&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=36531900264373100710584011852029&a=08750d52
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 99B4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options
nosniff
age
252730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 99B4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options
nosniff
age
104116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:56:27 GMT
eum.min.js
eum.instana.io/ Frame 79E5 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215800
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d448472caab9164-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 79E5 		15 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID&ref=https%3A%2F%2Fa49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44847288519255-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 10F5 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215800
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d448472caaf9164-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 10F5 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID&ref=https%3A%2F%2Fa49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d448472885e9255-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame D748 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215800
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d448472cab89164-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame D748 		15 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID&ref=https%3A%2F%2Fa49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44847298649255-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 60B5 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
215800
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d448472cab49164-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 60B5 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID&ref=https%3A%2F%2Fa49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d448472987e9255-FRA
content-length
15
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHlJxzvfyYYjvJu6A3gPKi7H4BgAAAAA4AeAEAg&bg=!NDelN3PNAAY6OBv_Ojg7ACkAdvg8Wop8rONv0fo84r2YKL0OB7FlVlv_XD7KmcHGt3OM0nTtEjc08gIAAALMUgAAAANoAQcKAAoSlzfYQdLFcJ9xmQM5abSq8_CsjSlqu2ptKYyGoIPTedBvE7vRKY1mjvUQwZ4RtoUJ0O2qxk5Iv-j5t3KCDFMIL6JidDc0prCDxpikbGd8szAxPZhOHFREUp0IYpySJD0oP5nFDQfhklRtaPh3r9SORDIjKu46iq61hYEodn8F2weyk3AyjUI2jcAgxPBTNVDMErn-zvZEV1_gw8GygK65d_F8750BcjMLU2044XKFf5fOlPKfsBRMnE1ys6pXEfl8LhMeAPuRPeGV5Bp-Zy6KeRMlzHYnjGtDAxS14U6AKMetWrVU345C6bSy3eubctv9gkLl5t6pQbkb1VZKwql_-O35MlaH8DE2mkwThxScJ9tINytmxziMTgLqnZlny2f4u-6t1K8DI9DOMiJt0Iv2KWqrA48xAzQFrYPgwN3WbpJG-M1_YEng3ElkQVML8pJ9reZRKVEqRMlmL6I7-nvsHgitOnwVgydsuDW1oN9HJWU3MjS1GMMDNRAsbyHoLJeD52z0m9EunuqlhRInehtP3EACjNMxJUEDO5VeR4OzIk7p8XR3wShrBszTu_JS5bbyX-REzbAoh2Vi4jldGtlR7Qiruxcu5PI-bLve9NrlTHgu1v86r8Vbe8jvgW9pulcLr1eMveJK-qHXbN08xhKXxrjmWaNlklzU6_GoLgxt85QkkeUGRZaa0OV6tHhvVr_PAf1sB3tHYciFmImW-a37StAfU8Gb2fOtQB4rU2p_M3ZO6pCQnXKja_uOb4JbtdOstT8vTzWNUSYhwAuBP8jevXa_Z7GZC5yTtq1ZtAPrmRQwnLcxS_UeDN0cFwVBCZysvRMX0nyq8wmdD__-OSX0u1jRVynMDapBxgFvqosiEjO2fjaXUQBSF7wbPkyOiCFkDg1D4hlm1uwNZfpAjVdkaOCGpeUrGmPLSFWLX88rOGioR6H08Ef1Fxc5wDKDUFzPyOoccUnzH1UX5jR52EEVa0rvOCb9ZaOFzDNHzodMeWodHnfpZlnrEYXqq0ZebmbSzvCaRR6A5VBwlwyUnucdxc-UBP_Yhm9o-tRKSTZY7jTd-5MfIgS3yyqTkSWwDDcN0vNpe2H3qB1tk3PR4W0_7Voot7bh
Requested by
Host: a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
URL: https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7453 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPWdYzvfyYa_UJZKVrATPp6vgDAAAAAA4AeAEAg&bg=!iIuli8_NAAY6OBv_Ojg7ACkAdvg8Wubm-hdLAXLmY8BjdyfYkWsM5ecdKsZQHohSgS-nHqvuvzoo5gIAAAMHUgAAAAVoAQcKADMYx9bPKHsT_mznQmUA8eMegQWSI-im4-5zd01SBpiznfgd1Gs-k3wxDfaq_nCQHLzwKiqZA2VB7OsEHOPxSDk3R5O2EAVEXcUBbuUEskMl5_FdjbPrvRihPqk5VA73UI6ZwdeRaoYCtbUlhXp-Gvtm8NiU8Sq_AX_p1RMi5x5RZilyU1RwqB8druqd1xodujlchUOUKShMmbvfEifG4YZC4NbKcA3sw7eKqP0OZq15zrysMXP0LSN0EaHh_q5iJyK7DYqykatX47VtGzZJbXPXFYzJ8H8FaCY56mTmIwMIeOs3CmhkTNp0EG0C7sF3MoAkfoEMC_1nYQtUIBuaqWHr_wY4ySp7v2bbIe4ITqLgdrMLl_BYrkahuvZDN5NcY-DzaGg81s4--QVTNP-nnwJ5kuHBH-K_z3BQ3HuaUVJcpeCF-jCrDCstc0-k0hszh4CbGs4_RLxiCLusRl-Qnb5YQnhULrqTKhdUDSFCpVOwevlLn7RQKS65NyKkYr6IIMvFwiE9Hv3hJDQl_a5FrVt8L6O4zfh4q6ND6xUDx0lEsiqWMn2QBTXx_uJC0M28AqozXmpxM2U4KXb4GUuZTr996T0kb3IBYN2KqHgRXWKly4qEKL3Zonv4sCco8NDv563baD9WvA6mxVGN3BGrOCigTozqgiXlO33nenvDjVKTYGbGekm4JZVErSldLXFYB9arbEmXfPHL8lhUv-I-bu_5geflMFIetxWIwMxP78Ic5v0XZ-v31E7-z6R7A3-2rC_tbqm9VNUeqp1pnEtEf3mJbDZDRBRcMDh6XXncCMnnM87xavhMUn5ccxIhPXJY9wMV5-hJE1ZxQuzGu1fZGj6hivzT4FBkbsZ3ZPY4zu78kBnFz5OF-a9dmzBw08rFh6bxFrDFKvrIOK8F2aAwRHw3WrprcoW-Il0MnMVztCnU03Co3Neq70S3HM_x08HIjJSWj-CUNjEG-1185QIPHcnZlCLEwczNt1q9XBM46MlK4zNJRGWoKjOMUq3y3D2SAtlgjhVlhsAYcnTqPOzgaUbJwPsAfqBZXO-rRFWFiQJPPGk4IkFHGSwh8A34V5o7FGgaraeOsSxTF8LG3Fzt8mSKYprWiYMMjts7c0UjVM1MDT7Wu9WcDfLvaS1f3C_VdHemMLj1kV6EoTv_3PoYqBCP5FXYQ0rWM4CNdGWyEOAEKqMFFxORiPj6wWtMOXbPHsDZr7TtFADCxiFYag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FD8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuJM8zvfyYb-NJp6R7_UPoY-6mAUAAAAAOAHgBAI&bg=!0NOl05fNAAY6OBv_Ojg7ACkAdvg8WrOksHeRprJi6Sd5SWhwnZXCob_5_j2f0ghBnbORsgyUsIPYvQIAAALkUgAAAAVoAQeZA0TSPCi77S5AFIE2UnV8-IssqlW0wmDjUITw9aQf0m34tmZCUMoZawk67YrxKdXhZTukea598GUQuq00IVTv1Rp_Rv2W9cA-ssvbZqtFRvrgTuVSumNFbqZ-qqojSveWxLJlVouO-MYjUKVLUvnIcaKsjdjKfylIkddA1Ayy65RJSex08NaUsHEwXDUmbn6rasbGTD3oCzeLRlVEj7HpQ9splT189IytZDWAsmVKsEvZwM0M1sRrQdtjV7on6FKVZPUGW4acUI9uuHzAeHQCDZ3oBvOTfrMnZ-8YePKeQ8PqIvaOw0nhxgL1XYZ7v90jmtCsXnIzH0WVCKBlsDrmYC8oyod-vCUScQYjaD8I9e1hkwIMq7uc8skNhIipRrNoVTM9PWYWYmj0kjKeBVgE0228F9CTxu19Jq7oScpKYJdZOUA1T4qatiymDwcyoX-gh96aEn3GZdUNMMpz0wscxpY2M3JGzLH9KMh02mXo91gaBi58dhe2bcQGBL00ilkkoanfm-2qW3umeaKW1NAdB6ApJZC36sTokT8LUO4ZDh34pojA5yER4IMoouLxfO_S8mKGr5oVXNkfDLAWTz6DHREVhc5Q62AbjScVC_C12rh7-IP8JrGC_HYO6SzV-zO7Ux57i89tshpxuZiynj6qt4xa6jrwYYGAijD6UzrTpcYJWOEgPt073vFFurXR7rDr64i6lwCzo4WkJGCp3Nls4yz5Q-rNFieK8-_qUZZNwZAOKsYQF7W7P0z4guogreFd4mI5IyPwcBWAHxgBlUaW3aHFDwxs_aohmSwHVhrDlxK333_wtrTFSoc2Bd5u_zwwuBo56jOvSK2oZMF3hm5-iNq7iatM_5_Guj4jvziYj2ifq5HR5hXVGuRkKzAmoTdETBrJ_Bv1Ad94dEPW20l9CCb__9Yqe529RmdsTujDkGpVRecYAvzXN7OXgBBEDJgcvnhSduJrgsbiC_FqWlMrxTStHlWXsweYPCLXGwwsx2STLE6h3_nkwBhsUqNRzN0PfqqQvkRzzyHjM2Tt8PZXtBJ4MFWp7Z_P07xKl3o0YPiNlIutw2bmV2pjZbtfMFOZF9o8kwSmqZHlZ_Fy1mqGSu_czEeoKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
singles.parship.de/cdn-cgi/ Frame 79E5 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
819d7eaa5864fbc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
X-INSTANA-S
819d7eaa5864fbc
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=819d7eaa5864fbc
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448473bae09255-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame 10F5 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
41d95ece7a3ad255
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
X-INSTANA-S
41d95ece7a3ad255
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=41d95ece7a3ad255
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448473caf29255-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame D748 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
5080be3889595561
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
X-INSTANA-S
5080be3889595561
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=5080be3889595561
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448473cafc9255-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame 60B5 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ba79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
5399bfe7279ac953
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
X-INSTANA-S
5399bfe7279ac953
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=5399bfe7279ac953
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448473cb019255-FRA
vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD52 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj75szvfyYdS6JfiD7_UP_-6MoAkAAAAAOAHgBAI&bg=!PT6lPnrNAAY6OBv_Ojg7ACkAdvg8WvuZVLua3V0GssUsirJvMeZpYU8cH8GG74yh2EW3TbbMj14aDwIAAAL5UgAAAANoAQcKAA3yCd1Pnc4BjE1j8xW5mQMnmBal2upTKGrHGx7tnb9-JFjpY5QC8vwULaI1N6nW3Fs4_7BWiq9EZXdRNKzCXITMQ6Rhcdeh6qAE3qJGzdPv2jzFfX3G7FZmnGpkdm44l2ZOTIaqHf4Qc41qoo5ulxULaF3QxWEy0NxAbZ15Y7HOucqGn6q-3hmqa5NO6zbh1FNkfmoTPI-VyJAGhWehJPomKv6d929_cPPtqhGaqU4CMZe4dnSDcDfyFUE2DjafI21rLpeXBQScNW61UTzeefcyi15rOR4hepKpbKwhw6oqVlIMo47994PvwBguYLjuvMc-owCSZ-0oi4b_GSzhiDX3UK1AF4aU4riUZztWqge1LUcqwdlVZrl9jveMWndpzWWpRn5Yl5LUrgpemTWTWocFhEKaXqwJJJBN4AxaSdGIz2KfuwJjiMrISlFNptu86YsrufENmD0Gdullz8ddu64QU_MAt8vvqSa6PXGaLz4YDzpZ0ODaf2dzpeWaR661KNOdt3k15nRW-RvMBNxl6xKqmXZJ3cimWqXz73T4UwRZLwJBdoXC8f6RDigTP3CTW-7pXno4yTcbFxLf3LKTGEZ8FNixfjje5r_VmE8McreM1Ns4TYagPisiOU0KvUkqRxOaD2y3Qq4-ebjA590Y_yKxzZzRT7jm7ZI36MZ6Zlyj1R3t9RrahIuVKUzqUCw3TqgQ6TOcCIe0Kw2vkv38LImRDfeEL6jqKL9y7xCSUc0VyCo9vKj0Sap34TbAmCPAxF4HfJimN_X1memVCZ86CZgAt4mg9dwYG-5Ikp0trtR5ZIvfHIpg12IbW9S_53R-ThSGBySfy9Zdn2t19BYAvxdE35W7vw6sJs-5ZgWHPRjBMq9zdjcVk2NzMERAfUglLSNo4iSBo1pNYikH44UWhghO5dcMDkHf0nx1m4wCMoX1fswWHnG7fjQR9FPO4UgE069ecsItmgdF34LzDRwkXpOpMLrxvW-ZpOkOvVzGz4oQCoPB71k_jbsa2I3BHFKlSMwERkPJNQ3GDXoeChH-ZDzD3JpOn1c8LYD3CIBiHpvdBo7VUcWeijC3o-cjeEz4yIKGyDmuSNmj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.gif
cw.addthis.com/ Frame E19E 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-g_XJURIcTgmH0OQh3xnHWa7Yf671dYuddVyXCw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:44 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:44 GMT
tracking-event
api.webgains.io/ Frame DF96 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:51:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame A036 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:51:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 4B5E 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:51:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame F480 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:45 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 Jan 2022 19:51:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
/
eum-eu-west-1.instana.io/ Frame 79E5 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.108.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-108-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a30fa-7faa-11ec-802a-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:46 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame 10F5 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.108.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-108-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:46 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame D748 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.108.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-108-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d3f4076-7faa-11ec-a8d8-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:46 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame 60B5 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.108.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-108-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d2a28d0-7faa-11ec-92f7-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:46 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/?relativeURL=%2F
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=0
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=1
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=2
Domain
testing-dbr-ws-site.ecosweb.dev.br
URL
http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/v10
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| __APP_CONFIG__ object| capture object| __posthaus_DATA__ object| webpackJsonp string| GoogleAnalyticsObject function| ga object| dataLayer function| OneSignal object| scCGSHMRCache number| __mobxInstanceCount object| __core-js_shared__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount function| __jp0 object| google_tag_manager function| postscribe object| google_tag_manager_external function| getElementByTypeAndInnerText string| masterUrlGoogleAds object| theHead object| theHeadScripts boolean| findSomeScriptLikeTheMasterScript object| scriptSecurePubAds object| googletag object| adsComponents function| refreshAllSlots function| getElementByXpath function| fbq function| _fbq string| PMTagObject function| pm object| e object| uetq function| twq string| bannerMobile function| insertAPPElement string| TiktokAnalyticsObject object| ttq function| UET function| UET_init function| UET_push object| ueto_6724d97921 object| twttr object| ADMITAD function| onYouTubeIframeAPIReady object| ad_product function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ggeac object| google_js_reporting_queue function| md5 object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| clarity undefined| google_measure_js_timing object| hackernet function| setFullAds function| bannerHeader function| bannerTextoPublicidade function| bannerHorizontal function| bannerQuadrado object| criteo_q string| mobileDec string| mailCliente function| detectCriteoMobile object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

91 Cookies

Domain/Path Name / Value
.ecosweb.dev.br/ Name: _gid
Value: GA1.3.2141615708.1643313099
.ecosweb.dev.br/ Name: _gcl_au
Value: 1.1.604189687.1643313099
.bing.com/ Name: MUID
Value: 23270B60AF9763973A5B1A59AEFC62D6
.ecosweb.dev.br/ Name: _uetsid
Value: 8ac75fc07faa11eca270c38789999b37
.ecosweb.dev.br/ Name: _uetvid
Value: 8ac7a2307faa11ec94555160f7ab3462
.ecosweb.dev.br/ Name: _fbp
Value: fb.2.1643313099188.600763393
.ecosweb.dev.br/ Name: _ga_RF7L3756SK
Value: GS1.1.1643313099.1.0.1643313099.0
.ecosweb.dev.br/ Name: _ga
Value: GA1.1.2103211196.1643313099
.ecosweb.dev.br/ Name: _ga_PL4DYBH48C
Value: GS1.1.1643313099.1.0.1643313099.0
.creativecdn.com/ Name: u
Value: H0JHWgq8I0fTlT6MJhZc
.creativecdn.com/ Name: ts
Value: 1643313100
.t.co/ Name: muc_ads
Value: 25810744-ad91-409d-a2d5-486e66c803aa
.twitter.com/ Name: personalization_id
Value: "v1_n41xUeuUOH5dVn9o2VkkzQ=="
.ecosweb.dev.br/ Name: _pm_id
Value: 026101643313099879
.ecosweb.dev.br/ Name: _pm_sid
Value: 648701643313099880
.ecosweb.dev.br/ Name: _clck
Value: 3hd3dr|1|eyh|0
.c.bing.com/ Name: SRM_B
Value: 23270B60AF9763973A5B1A59AEFC62D6
.ecosweb.dev.br/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlQfRm_tYg4drbGNFx1chA58QjFL8sFPMnl73pUcOzANUgqMphQU7pQ1GQS
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 23270B60AF9763973A5B1A59AEFC62D6
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.criteo.com/ Name: uid
Value: 72b9570f-1b60-4438-af0e-f2a216d770f6
.ecosweb.dev.br/ Name: _clsk
Value: 1ll3tsv|1643313100546|1|0|h.clarity.ms/collect
.ecosweb.dev.br/ Name: cto_bundle
Value: b25Ovl9ncnRXdEZwVFZUJTJGbzU4WmNzbEtwJTJGc0UlMkJjNHU0NVNUMTNrTk9EZnVwUTFVZU42QzdqRzV6aGRwaUgzbEhmZGdFUWglMkJjbVJadGNWMmdZdjU1QmxYYnlBVEFPUm5Ndlc3NWNka0lCUWNVdk5xU1MwNENEU2RIUE1zJTJGaDBjeiUyQktlMVNCd0hhJTJGVSUyRkpPVkU5QnVGMUtENUZBJTNEJTNE
.advertising.com/ Name: APID
Value: UP8cacb855-7faa-11ec-8703-06469849d4ae
.adnxs.com/ Name: uuid2
Value: 7702134211281910669
.yahoo.com/ Name: A3
Value: d=AQABBM738mECEOeYDiQYm4v3wykuSbEhEGkFEgEBAQFJ9GH8YQAAAAAA_eMAAA&S=AQAAAp0PBy2GYovDXwD80vK4UGc
.yahoo.com/ Name: APID
Value: UP8cacb855-7faa-11ec-8703-06469849d4ae
.media.net/ Name: visitor-id
Value: 2863147028397099000V10
.media.net/ Name: data-c-ts
Value: 1643313102
.media.net/ Name: data-c
Value: k-JpfSgRIcTgmH0OQh3xnHWa7Yf64liE1R5hiZ6A~~3
.bidswitch.net/ Name: tuuid
Value: 5f263871-6cf7-497e-90c3-81231303f1f2
.bidswitch.net/ Name: c
Value: 1643313102
.bidswitch.net/ Name: tuuid_lu
Value: 1643313102
.360yield.com/ Name: tuuid
Value: c2201985-b9c2-4140-b695-f36fe8165718
.360yield.com/ Name: tuuid_lu
Value: 1643313102
.demdex.net/ Name: demdex
Value: 17998638829144156343617001497166374909
.360yield.com/ Name: um
Value: !38,N5luEZn8WYBt9SSoF5ZEc7i22S6HEkzX6wtRBRpf6GWtOR8FXOTUp23Fh11.UjOa-QqgSCj2,1651089102
.360yield.com/ Name: umeh
Value: !38,0,1705521102,-1
.dpm.demdex.net/ Name: dpm
Value: 17998638829144156343617001497166374909
.taboola.com/ Name: t_gid
Value: e7bca3b4-4365-4bdf-8a81-935d75cca064-tuct8ec7d4e
.casalemedia.com/ Name: CMID
Value: YfL3zhDEACmGxgchkzglfwAA
.casalemedia.com/ Name: CMPS
Value: 3267
.ecosweb.dev.br/ Name: __gads
Value: ID=3df2b96b3e06efef:T=1643313102:S=ALNI_MZfTbAu-Pqi1b7DzhHNdTwf8yKNzA
.tapad.com/ Name: TapAd_TS
Value: 1643313102462
.tapad.com/ Name: TapAd_DID
Value: b943c1b9-4bf2-457f-aba2-84c5b968d585
.rlcdn.com/ Name: pxrc
Value: CAA=
.casalemedia.com/ Name: CMPRO
Value: 1114
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.mediawallahscript.com/ Name: mCookie
Value: 8ccdd3f0-7faa-11ec-a31c-997230eee122
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.outbrain.com/ Name: obuid
Value: c9f5aecd-cdd0-46aa-aa46-a3dd4db1c707
.outbrain.com/ Name: criteo
Value: k-kc2_lxIcTgmH0OQh3xnHWa7Yf67l-hZI0RFj7Q
.tpmn.co.kr/ Name: uuid
Value: 16b367e6d19647299399fb1e3e6992a9
.tpmn.co.kr/ Name: criteo
Value: k-hS66cxIcTgmH0OQh3xnHWa7Yf67neIs1hLD8pA
.adnxs.com/ Name: anj
Value: dTM7k!M4/QD>6NRF']wIg2C%ywv0#O!]tbPl@/D!9hy6]/Cwgf4[Cxbdd]>z7pMXj8?>!g/3vNwi9)52gkroW3_h2f/30C+C2]R<j/A*v%x%SSZaq:3a^Th>C'_JVis8Rx1l%3'#7Ec-?dqQIdtl14=omb@*f=kW*g0D(BWage
.casalemedia.com/ Name: CMRUM3
Value: 2d61f2f7ce2760CAESEPUhOZZa-tf5ArpQ_79h9iA&1461f2f7ce2760k-2aF9ehIcTgmH0OQh3xnHWa7Yf67T-_40QgjVGA
.spotxchange.com/ Name: audience
Value: 8d0352d7-7faa-11ec-99a4-14c817940506
.turn.com/ Name: uid
Value: 8699888316075650538
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: bbd49b369afa8d45
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1643917903%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%228d2a31e0-7faa-11ec-802a-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bi%3A1643399503%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj8d2a5bd4-7faa-11ec-802a-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1706385103%3B%7D
.singles.parship.de/ Name: __cf_bm
Value: Wm0kDRd6i.BPZjE9orMoMyZwViCVgcDWXrpPh9n.WOM-1643313103-0-ATV2LsYIQtBeMC4FfVPg875qD8j+skqa92FG4zeSxcp+QvaWlQCB8oOCcrpBIz2D6NPiNBnb4gLF16Yll9awRHM=
.awin1.com/ Name: awpv22610
Value: 296283|1643313103|8d42b5d0-7faa-11ec-983c-2238a966fab2
.awin1.com/ Name: awpv11524
Value: 296283|1643313103|8d437920-7faa-11ec-983c-2238a966fab2
.awin1.com/ Name: AWSESS
Value: 391598:2661283
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%228d2a3186-7faa-11ec-802a-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221643313103%25%255503284%25%258d4562c6-7faa-11ec-9f98-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1658865103%3B%7D
.3lift.com/ Name: tluid
Value: 2923921845926021708819
.w55c.net/ Name: wfivefivec
Value: t71FfmRc1NdaO35
.de17a.com/ Name: guid2
Value: 1.9036239214924124800
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: mt_mop
Value: 4:1643313103
.mathtag.com/ Name: uuid
Value: 011e61f2-f7cf-4700-9d1c-d186ff5b84d0
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~22wj:1761~22wj:18wq~22wj"
.yahoo.com/ Name: APIDTS
Value: 1643313103
.adfarm1.adition.com/ Name: UserID1
Value: 7057976034490382479
.casalemedia.com/ Name: CMST
Value: YfL3zmHy988A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6A8A3389-1728-404C-9580-9CF5B4557C5F
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfL3zwABx2cCKwBH
.lijit.com/ Name: ljt_reader
Value: e8371f7b4dcc943aa06bd45f
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID_TS%3A1643313103
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313103.5503284.8d4562c6-7faa-11ec-9f98-00155d255900ID_TS%3A1643313103
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1643313103151,"clickCookie":false}}
.addthis.com/ Name: ouid
Value: 61f2f7cf00018053c308fa426dc8df9633944e5695b28cffce4f
.addthis.com/ Name: uid
Value: 61f2f7cf0686a571
.addthis.com/ Name: na_id
Value: 2022012719514376800143888129

15 Console Messages

Source Level URL
Text
network error URL: https://www.google-analytics.com/gtm/js?id=GTM-KMRF2H8&cid=2103211196.1643313099
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/?relativeURL=%2F'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=0'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=1'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://testing-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/v10'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/home.fcc9f923176363b12784.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/desk-product-list.55194cb73643539c1c8e.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br/product-details.94d0f6349ae3ef70ac80.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ&google_push=AYg5qPIveenQ0ufclojNeuGsL_ZqQGw--FodwV0DP0H1vFiFFKsTqfdUKWriGNjT7o4-ZTvvsFRVc9QE-F9eU-eqsEHTY077NUNK&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKKvbZjxwDcqZAqiqO8Drju1f65ev19aTwESuHkD428cNq2dZfktup74g_n_rSzwGYFXHYN0OlLcMHJxKnV9TclacBcyvIe
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3zhDEACmGxgchkzglfwAABFoAAAAB&google_cver=1&google_push=AYg5qPIGMgcR9951yqP8LXT1_jAzHjgT48eL0VVuCZF-m9vU62uzYSnYnIVYt6_eMk7pVM-OtlcsEX8-M4E9lolPDy57Xkj-MpmZ&google_gid=CAESEETUT4JWdWuj1LFrDN77MSQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a49637faf7207ac975f7b41b705b2984.safeframe.googlesyndication.com
ad.360yield.com
ad.tpmn.co.kr
ad.turn.com
adgen.socdm.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv-srv.office-partner.de
adv.office-partner.de
analytics.tiktok.com
analytics.twitter.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.onesignal.com
cdn.pmweb.com.br
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
crb.kargo.com
cw.addthis.com
d.turn.com
d5p.de17a.com
df.pmweb.com.br
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eum-eu-west-1.instana.io
eum.instana.io
feature--evo-1926-dbr-pwa-posthaus.ecosweb.dev.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
h.clarity.ms
hal9000.redintelligence.net
hal900016.redintelligence.net
hal900019.redintelligence.net
hal900029.redintelligence.net
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
ipv4.icanhazip.com
match.adsrvr.org
mug.criteo.com
onesignal.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
ph-cdn3.ecosweb.com.br
pixel-sync.sitescout.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.casalemedia.com
r.turn.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
singles.parship.de
sp.analytics.yahoo.com
ssbsync.smartadserver.com
sslwidget.criteo.com
static.ads-twitter.com
static.cloudflareinsights.com
static.criteo.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.teads.tv
t.co
testing-dbr-ws-site.ecosweb.dev.br
tg.socdm.com
tpc.googlesyndication.com
track.webgains.com
trf.greatviews.de
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
widget.us.criteo.com
www.artfut.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
testing-dbr-ws-site.ecosweb.dev.br
104.111.214.39
104.18.114.97
104.244.42.133
104.244.42.195
104.90.104.248
104.92.94.3
124.146.215.4
124.146.215.49
13.248.245.213
138.201.220.30
138.201.63.117
141.226.228.48
142.250.185.166
142.250.186.162
142.250.186.66
142.250.186.98
151.101.130.49
178.250.0.157
178.250.0.163
178.250.2.151
179.191.190.70
18.156.0.31
18.230.146.239
18.66.2.98
185.184.10.30
185.29.134.248
185.33.220.243
185.33.221.52
185.64.190.78
185.86.137.122
185.94.180.126
199.232.136.157
2.16.186.226
2.20.157.55
2.21.140.111
200.193.43.62
2001:678:cb4:bbbb::11
207.198.113.170
212.82.100.181
213.155.156.166
23.92.190.69
2600:9000:214f:4e00:1b:5138:8a40:93a1
2606:4700:20::681a:6d
2606:4700::6810:135e
2606:4700::6810:5e41
2606:4700::6810:cc16
2606:4700::6812:e234
2606:4700::6813:ba79
2620:112:f006:bbbb::12
2620:112:f006:bbbb::16
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:800::2004
2a00:1450:4001:802::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4007:80d::2002
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a05:d018:d29:3601:6aba:1333:1e2b:7cf5
2a0b:4d07:101::1
3.120.29.221
3.121.106.122
3.121.107.137
3.33.220.150
3.66.195.154
34.102.166.132
34.242.207.34
34.254.114.92
34.255.158.248
35.186.253.211
35.227.248.159
35.244.159.8
35.244.174.68
40.91.78.9
46.236.13.147
5.1.80.163
52.16.162.42
52.19.108.67
52.224.31.34
54.207.195.77
63.35.20.93
69.173.144.138
70.42.32.63
74.119.119.150
78.46.90.238
85.114.159.93
85.239.105.10
88.99.219.174
0095190a28d2940781e4dcd5b52c8a0630599b24089f6e37357ec28993492310
03b52fa0a6a53d3710386ac50493130ca0c4c1d767563c099d76b658d120e1f9
05e1ed9ef043a0a400cca00f86b34c3ba58dbd44ae7fc2a6fafca95c4f41788e
05fe1487ac557fda19156c504ea7fadcdb588f9c15354a130a2520297905ccb9
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08ed8a6c81b5024d2704f2fdd563396ca33d32d1acc6374d0283b96f6410973c
09fa1c678ea0b9ea4cac0308554e59655fcf952719a10a856c8dff2886f4d0da
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3fa4c8a5bc361cab1a33f6260a7297c0af7ae9df4b6f7085c24ca0b98456d1
0dbdd3b1e6820597ce86f09f7261b33b3c49796a43fb794d747c7dbb2a1f3b58
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
108297863fee2ce3f6dccbaf0d6a644ead80468b6b36bc1673d5348dd90f7426
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11406d2fe03cea34dcf0b5c178acda7fad399cb1f9b06cea2d55866ab94a20ce
115a0b9f6e83e14fba30797e97df2fc5bce3d2ee03755aed21ea7d983e22c941
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1696575268ca733e457a0f2137208a4c499e2769834171b14252a17f71094cd1
17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576
1dcc365b3af7b265de0e656f2c5d29778ab8d53017cbbf0d658a68477eda1f2f
1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892
27b6f64d8af49d6bbe36f5c3fa80213bafd6ee55a624d2194e067b2e4a249184
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
2ac34e43db7e971d8d9def651671497edd5c06d6cb060d540fd39b2db3b099c9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f12626fad6bfa76f3fbc1d7afd6f1a4ae7d398e1e18d5f04c106338eafbd1e8
31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c
327bec2ec73981fc12954bac138de42bad69d513a432da8f196cf9a40c7deb04
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36ab84ab7119ffd8d908a6a06443eb7b42b186477155f074b02d68c46eec475a
3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d
37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38acad23717d9b4aa88ad47c3dd695239c3457b44df14d09e3675a13daa0853e
399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a81249aee7ad648940c03b47a8a08e59b0d480424c0815cca32573ead2bb116
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb51ef7c4c8f46e4a26dc7352da4f084ead0ff11931c0eaa7e6686ecf6662af
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5423b38503afc1a3826371fc9c296a6d1960bf92954eab6316695aeadda0600c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58e063eb0a661fca51c33654efd8189f45b659f484da3b5893289d89edb471ce
594f33f4bdb9feaa6e8146c45bb6a4efe973fe83696b5cebbdd3e38d648d87c1
5c6383f08e5317a952ef5c37aee1f8d8d5f1dfb7d76ce4411adc595fca9b403a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
65f5aa9b1c709caf85a14a1a1f5d534a7fe2e5ef1b55b0a670b03c3efe3fcf07
683dfc6fcf043d7cd24d613bb25f2ec8ff0e5a6363675fda883073bdd107ef72
68735f7b79a4c29bb494587c67e67906047dbb800e66d50f67cd8963c459b4af
69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2
69792257492a864f2bb44cdae3f472d9fbfc5151c6c08fe1f0015ad35f3014df
6c12a2e1c137d9d9a44b0066f5af75f857f02c1507853146687df8a74215be91
6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
73bbcb5588755006ce54da1b4e3c6ea5ef3ce1df8d32ae2ebd89aa3917fcecaf
791e160431d75b016c83351fccc4b8d95ee926011ba1f19d97c2c39f5d38863c
7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445
7cbf0f8a8a0cfb31561ba78e03128c09a57beff4dd07f37f11a3b2f120705ca5
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec
7feb84cdd599e78cffba8709681115f40466782ce75fa2de81410811a47e4d4d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
8855020c59934063055b4b43c3a84bbd31ad9846d58ef5575f148d23f3565924
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ae8f48e0089128df9ad8dc2fd7e69a705a9ffc4cfa9eb20d10ef63e50e8b1e4
8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d74f3699f32c43afe0a15b23cd8bc3be4bd7cbf39c4f5aa9e0620175f42e99a
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e21cd72b0d5aba10024a13614a42e961757d6246c1fb37c8d1879b0f5c43492
8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931
920695c41fe01f96cfcdfce8a87d0bf2557fc117938c1386eff463f0916104aa
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
96a284477ea862ee929a0a526da706281113e57ee9729c87af42bd5b22dca09b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0679a429ee69de00c6a426e0f4e2a1ccc093632b5087a3b4cf5f42544a12a9
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
9fdc4e45cfda55b26e4e8018fb823436c409ca723521a8f523d3ecf47d621102
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a31b33938fd079e645c62d8bbd3a652ea5156d9a0bce1bcd5ba407182640a32b
a422c64bd8fab59b3ab1c52236045a176023a6cc43cebb3d5127e7754d3db2c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b6a9785aafa7a787e2cb2703ccd7616d5410b1a7b4132dfc675d0651d14096
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9acd015edd95cb573f0ae5f0bcd03af5b7e1747a72cff936ff047f74a35f197
aa4eaf475d19a34d07ff14c8c3e3183cb520fefbdec3f51780aee70e2718ebf4
abd0a2a3951acb61f5a64e107ae988dc241dc1349d673022c2c29550c515115a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
af3789699bb73359a379541dfaeed7835267f7ba09f6325af16d16372d5d8a49
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b8bc2b0c3cefbfe12f3fa652082bf50cf410c188eb00c33cf1fd158d349acefa
be13a678b980db27e6cd288d7c01b618636fe5e2a4e48de11cb0607333df8c20
be200b6159ecb9277570f66402e5be5b20e2685303d6fe5810fdddd79b4b0d34
c2145404a1bfc8481dda07b53aaa2545d82ef1a7969b2c9e5c31ba4e4f2a1382
c357f0313e05e270d401ed476c0fc87d34ddf0cfe3c1ea7cf30f9409e81681db
c48d72e622223e0931e14bf9cd00e5f94e4c5e8a4df2a456d53678a933eb3139
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
c54adb030fc52ff4e772349c8c177258999bf2e0b009de0f80ff347068d407a0
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c5592d72f0372c2f237a8ecaaa67eda0064b413098e191140d1da1f41d394d58
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d9a742fbfb92e5cb9d4d5a806b9826c0384534c510bd2384c9d60a67a1c16f
cb2bbeec8eebaed8b14c525f1d293f824016b46c1df016710737a7dfc0711907
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d690a719026df37a9a0e96e6fa42fd9bfa669716a0540f05678f15e96755a348
d8332b6800d671d23e4d74f18f609c3e4b3483273ad273c61a2483c6fe9b479f
db7ffea7471550902c7fa76cbec0dda208aae42c53f5943357b818a32bab7b03
de57e553119f7333a752226c60c6c16c3fadadf332928aee6e4e2181642ae361
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df5f1fd67ccfda69061096b22f16278ec13f3d52ff8a55ecf8acbc1aad149f22
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e25840c5281b7367276ccd9086150402ee584b32242fa0fce5a47b79a31f0b78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78
e46212cd0f9da83e734a895a263e97080d0cd2b2081a96eeebb74a795b0fac5c
e465095c743402e7c944b168ba9c370857d6d81019a645b653d1afd448f0f00e
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7564298fa10f7559d192433970545d81e4a415651d31ea76071e52260b87499
e79e2926e2dbc34b81a8517e7891b9096cf0098617563916e57cf35088400e9d
e7e441f8b5158cef65b8b6a1443feba158823eb0abe5999d7838817576ba2f89
e870ce23282b564f095c397a820b2ad18f248eae583bea3e3c6d7b7b6ed61c11
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ebc5d66a00c94cb1a7c6fe4a9e8765b02ebfef07c4ceb16872849b9729238a01
ebc8684d747ecd45128ed71c873eb6b02b40e7345bf07a1a73f6ea1ce3c12a16
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f025fe6c50add0fde44ebb2d6469026294e09df9f02e813ae66990eb38553658
f40a30e16c70c82abefd586548807814ef7da2563721214af5822f3cbfdf7f92
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd135adb4de548a2495ce949d296b229acc14cd521bb611f4e5da99a61aa92b2
fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc
fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55
ffc29c6249722385c6d20a999a48d66e4b55e6e465e235f20d54000df3f16b55