urlscan.io logo urlscan.io
SecurityTrails logo

staging-dbr-pwa-posthaus.ecosweb.dev.br Open in urlscan Pro
177.101.99.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Submission: On January 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 15 countries across 78 domains to perform 352 HTTP transactions. The main IP is 177.101.99.62, located in Blumenau, Brazil and belongs to Unifique Telecomunicacoes SA, BR. The main domain is staging-dbr-pwa-posthaus.ecosweb.dev.br.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.
This is the only time staging-dbr-pwa-posthaus.ecosweb.dev.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 177.101.99.62 28343 (Unifique ...)
5 2a00:1450:400... 15169 (GOOGLE)
27 179.191.187.65 52580 (Azion Tec...)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 142.250.184.226 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 18.230.146.239 16509 (AMAZON-02)
1 3 185.184.10.30 203690 (RTB-HOUSE...)
1 142.250.186.98 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 151.101.12.157 54113 (FASTLY)
5 95.101.27.84 20940 (AKAMAI-ASN1)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
13 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:401... 15169 (GOOGLE)
4 40.76.174.66 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 104.18.114.97 13335 (CLOUDFLAR...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
4 5 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 ()
1 2 63.35.20.93 16509 (AMAZON-02)
10 34 216.58.215.98 15169 (GOOGLE)
3 178.250.0.163 44788 (ASN-CRITE...)
1 3.64.249.36 16509 (AMAZON-02)
3 4 37.252.172.37 29990 (ASN-APPNEX)
1 70.42.32.255 13789 (INTERNAP-...)
1 141.226.228.48 200478 (TABOOLA-AS)
2 3 69.173.144.165 26667 (RUBICONPR...)
1 2 34.247.120.79 16509 (AMAZON-02)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
2 4 3.126.56.137 16509 (AMAZON-02)
3 3 3.66.195.154 16509 (AMAZON-02)
1 184.87.212.24 16625 (AKAMAI-AS)
4 5 2600:9000:223... 16509 (AMAZON-02)
1 2 3.124.111.31 16509 (AMAZON-02)
4 7 2.20.157.55 16625 (AKAMAI-AS)
2 212.82.100.181 34010 (YAHOO-IRD)
5 34.98.64.218 15169 (GOOGLE)
1 2 34.255.54.140 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 2 35.227.248.159 15169 (GOOGLE)
1 95.101.184.154 16625 (AKAMAI-AS)
1 34.102.166.132 15169 (GOOGLE)
1 124.146.215.42 2514 (INFOSPHER...)
1 202.241.208.2 4694 (IDCF IDC ...)
1 104.36.113.17 62713 (AS-PUBMATIC)
1 52.196.179.39 16509 (AMAZON-02)
18 2a00:1450:401... 15169 (GOOGLE)
4 2a00:1450:401... 15169 (GOOGLE)
1 2 37.252.172.123 29990 (ASN-APPNEX)
4 104.88.69.102 16625 (AKAMAI-AS)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 20 138.201.63.117 24940 (HETZNER-AS)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 4 138.201.135.164 24940 (HETZNER-AS)
1 4 138.201.63.116 24940 (HETZNER-AS)
1 4 176.9.26.250 24940 (HETZNER-AS)
4 4 2a0b:4d07:101::1 44239 (PROINITY ...)
4 5.1.80.163 34549 (MEER-AS m...)
3 7 72.246.170.168 16625 (AKAMAI-AS)
3 3 85.239.105.10 16097 (HLKOMM 04...)
15 2606:4700::68... 13335 (CLOUDFLAR...)
8 46.236.13.147 12703 (PULSANT-AS)
4 8 142.250.185.230 15169 (GOOGLE)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 54.76.176.197 16509 (AMAZON-02)
1 2 2620:112:f006... 6336 (TURN-US-ASN)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 207.198.113.176 13768 (COGECO-PEER1)
3 2a00:1450:400... 15169 (GOOGLE)
4 4 37.157.5.142 198622 (ADFORM)
1 199.187.193.179 47043 (SMARTADSE...)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
1 1 104.36.113.23 62713 (AS-PUBMATIC)
6 6 213.19.147.44 26120 (RHYTHMONE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 54.205.41.248 14618 (AMAZON-AES)
1 34.96.105.8 15169 (GOOGLE)
4 143.204.215.33 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.77.107.100 16509 (AMAZON-02)
352 87
11    177.101.99.62 (Blumenau, Brazil)

ASN28343 (Unifique Telecomunicacoes SA, BR)
staging-dbr-pwa-posthaus.ecosweb.dev.br
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    179.191.187.65 (Reston, United States)

ASN52580 (Azion Technologies Ltda., BR)
ph-cdn3.ecosweb.com.br
7    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4007:81a::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    18.230.146.239 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
cdn.pmweb.com.br
df.pmweb.com.br
3    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    95.101.27.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-84.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)
www.artfut.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
8    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:401b:804::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
4    40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
d.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    104.18.114.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    (None, )

ASN- ()
uuid
2    63.35.20.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-20-93.eu-west-1.compute.amazonaws.com
dpm.demdex.net
34    216.58.215.98 (United States)

ASN15169 (GOOGLE, US)
PTR: waw02s17-in-f2.1e100.net
cm.g.doubleclick.net
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    3.64.249.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-249-36.eu-central-1.compute.amazonaws.com
crb.kargo.com
4    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.247.120.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-120-79.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    3.66.195.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-195-154.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com
contextual.media.net
5    2600:9000:223f:3400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    3.124.111.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-111-31.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
r.casalemedia.com
dsum-sec.casalemedia.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    34.255.54.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
partner.mediawallahscript.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    95.101.184.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-154.deploy.static.akamaitechnologies.com
cw.addthis.com
1    34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com
ad.tpmn.co.kr
1    124.146.215.42 (Shibuya, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    202.241.208.2 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
adgen.socdm.com
1    104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    52.196.179.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-179-39.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
18    2a00:1450:401b:810::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4010:c0e::9d (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    104.88.69.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-88-69-102.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
20    138.201.63.117 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
hal9000.redintelligence.net
hal90003.redintelligence.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
4    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
4    138.201.63.116 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
4    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
4    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
4    5.1.80.163 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)
PTR: s17177.creolineserver.com
adv-srv.office-partner.de
7    72.246.170.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-170-168.deploy.static.akamaitechnologies.com
www.awin1.com
3    85.239.105.10 (Leipzig, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
15    2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)
singles.parship.de
8    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
8    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
8019191.fls.doubleclick.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
2    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    207.198.113.176 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    54.205.41.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-41-248.compute-1.amazonaws.com
pm.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    143.204.215.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-33.fra53.r.cloudfront.net
analytics.webgains.io
3    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
3    54.77.107.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-107-100.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 210157
244 KB
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
249 KB
32 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal900015.redintelligence.net — Cisco Umbrella Rank: 219647
hal90004.redintelligence.net — Cisco Umbrella Rank: 215551
hal900014.redintelligence.net — Cisco Umbrella Rank: 298464
hal90003.redintelligence.net — Cisco Umbrella Rank: 219960
213 KB
27 ecosweb.com.br
ph-cdn3.ecosweb.com.br
502 KB
15 parship.de
singles.parship.de — Cisco Umbrella Rank: 291354
44 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
2 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
sslwidget.criteo.com — Cisco Umbrella Rank: 1760
widget.us.criteo.com — Cisco Umbrella Rank: 18087
dis.criteo.com — Cisco Umbrella Rank: 691
17 KB
11 ecosweb.dev.br
staging-dbr-pwa-posthaus.ecosweb.dev.br
staging-dbr-ws-site.ecosweb.dev.br Failed
518 KB
8 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44883
14 KB
8 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 250175
adv-srv.office-partner.de — Cisco Umbrella Rank: 252765
4 KB
8 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
sp.analytics.yahoo.com — Cisco Umbrella Rank: 818
3 KB
7 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14385
5 KB
7 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1974
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
6 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
331 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
7 gstatic.com
fonts.gstatic.com
121 KB
6 instana.io
eum.instana.io — Cisco Umbrella Rank: 5597
eum-eu-west-1.instana.io — Cisco Umbrella Rank: 23482
29 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
6 KB
6 clarity.ms
d.clarity.ms — Cisco Umbrella Rank: 2246
c.clarity.ms — Cisco Umbrella Rank: 917
24 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
661 B
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
2 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1300
67 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
4 KB
4 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19799
204 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
3 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 868
688 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
150 KB
4
function sub() { [native code] }.
76 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
c.bing.com — Cisco Umbrella Rank: 273
12 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1366
15 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
2 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
779 B
3 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 250848
3 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 880
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
1 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
1 KB
3 artfut.com
www.artfut.com — Cisco Umbrella Rank: 20790
17 KB
3 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 3401
720 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
73 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 2305
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
1 KB
2 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48812
2 KB
2 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1948
adgen.socdm.com — Cisco Umbrella Rank: 7393
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
893 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
394 B
2 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2306
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
853 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
386 B
2 pmweb.com.br
cdn.pmweb.com.br — Cisco Umbrella Rank: 74263
df.pmweb.com.br — Cisco Umbrella Rank: 73673
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3408
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 39962
513 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
75 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
191 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
860 B
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 72240
312 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46801
628 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 3239
44 B
1 tpmn.co.kr
ad.tpmn.co.kr — Cisco Umbrella Rank: 3546
599 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 1338
427 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 516
783 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1260
231 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
476 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1519
360 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
13 KB
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 14351
474 B
1 t.co
t.co — Cisco Umbrella Rank: 487
336 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
460 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 630
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
352 78
Domain Requested by
34 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
uuid
27 ph-cdn3.ecosweb.com.br staging-dbr-pwa-posthaus.ecosweb.dev.br
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
uuid
googleads.g.doubleclick.net
tpc.googlesyndication.com
18 tpc.googlesyndication.com uuid
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
16 hal9000.redintelligence.net uuid
hal900015.redintelligence.net
hal90004.redintelligence.net
hal900014.redintelligence.net
hal90003.redintelligence.net
15 singles.parship.de hal900015.redintelligence.net
hal90004.redintelligence.net
hal900014.redintelligence.net
singles.parship.de
eum.instana.io
13 googleads.g.doubleclick.net www.googleadservices.com
uuid
11 staging-dbr-pwa-posthaus.ecosweb.dev.br staging-dbr-pwa-posthaus.ecosweb.dev.br
8 8019191.fls.doubleclick.net 4 redirects staging-dbr-pwa-posthaus.ecosweb.dev.br
8 track.webgains.com staging-dbr-pwa-posthaus.ecosweb.dev.br
uuid
8 www.google.com staging-dbr-pwa-posthaus.ecosweb.dev.br
uuid
tpc.googlesyndication.com
7 www.awin1.com 3 redirects uuid
7 www.googletagmanager.com staging-dbr-pwa-posthaus.ecosweb.dev.br
www.googletagmanager.com
adv-srv.office-partner.de
7 www.google-analytics.com staging-dbr-pwa-posthaus.ecosweb.dev.br
www.google-analytics.com
www.googletagmanager.com
7 fonts.gstatic.com fonts.googleapis.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 us-u.openx.net googleads.g.doubleclick.net
5 s.ad.smaato.net 4 redirects
5 adservice.google.com securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
5 gum.criteo.com 4 redirects static.criteo.net
5 www.google.de staging-dbr-pwa-posthaus.ecosweb.dev.br
5 analytics.tiktok.com staging-dbr-pwa-posthaus.ecosweb.dev.br
analytics.tiktok.com
5 fonts.googleapis.com staging-dbr-pwa-posthaus.ecosweb.dev.br
hal900015.redintelligence.net
hal90004.redintelligence.net
hal900014.redintelligence.net
hal90003.redintelligence.net
4 analytics.webgains.io track.webgains.com
4 sync.1rx.io 4 redirects
4 c1.adform.net 4 redirects
4 adv-srv.office-partner.de hal900015.redintelligence.net
hal90004.redintelligence.net
hal900014.redintelligence.net
hal90003.redintelligence.net
4 adv.office-partner.de 4 redirects
4 hal90003.redintelligence.net 1 redirects uuid
hal90003.redintelligence.net
4 hal900014.redintelligence.net 1 redirects uuid
hal900014.redintelligence.net
4 hal90004.redintelligence.net 1 redirects uuid
hal90004.redintelligence.net
4 hal900015.redintelligence.net 1 redirects uuid
hal900015.redintelligence.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv googleads.g.doubleclick.net
4 www.googletagservices.com uuid
4 ups.analytics.yahoo.com 2 redirects
4 secure.adnxs.com 3 redirects
4 uuid securepubads.g.doubleclick.net
4 d.clarity.ms bat.bing.com
d.clarity.ms
4 securepubads.g.doubleclick.net staging-dbr-pwa-posthaus.ecosweb.dev.br
securepubads.g.doubleclick.net
3 eum-eu-west-1.instana.io eum.instana.io
3 eum.instana.io singles.parship.de
3 static.cloudflareinsights.com singles.parship.de
3 dsp.adfarm1.adition.com 3 redirects
3 s0.2mdn.net uuid
3 trf.greatviews.de 3 redirects
3 pixel.advertising.com 3 redirects
3 pixel.rubiconproject.com 2 redirects
3 dis.criteo.com
3 www.artfut.com www.googletagmanager.com
www.artfut.com
3 bat.bing.com staging-dbr-pwa-posthaus.ecosweb.dev.br
bat.bing.com
3 us.creativecdn.com 1 redirects www.googletagmanager.com
2 pm.w55c.net 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 pv.medialead.de 2 redirects
2 ib.adnxs.com 1 redirects googleads.g.doubleclick.net
2 pixel.tapad.com 1 redirects
2 idsync.rlcdn.com
2 partner.mediawallahscript.com 1 redirects
2 sp.analytics.yahoo.com
2 r.casalemedia.com 1 redirects
2 x.bidswitch.net 1 redirects
2 ads.yahoo.com googleads.g.doubleclick.net
2 ad.360yield.com 1 redirects
2 dpm.demdex.net 1 redirects
2 c.clarity.ms 1 redirects staging-dbr-pwa-posthaus.ecosweb.dev.br
2 www.facebook.com staging-dbr-pwa-posthaus.ecosweb.dev.br
2 connect.facebook.net staging-dbr-pwa-posthaus.ecosweb.dev.br
connect.facebook.net
2 cdn.onesignal.com staging-dbr-pwa-posthaus.ecosweb.dev.br
cdn.onesignal.com
1 tr.blismedia.com uuid
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com uuid
1 a.tribalfusion.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 ssbsync.smartadserver.com uuid
1 pixel-sync.sitescout.com uuid
1 sync.mathtag.com 1 redirects
1 r.turn.com uuid
1 ad.turn.com 1 redirects
1 ad-server.eu uuid
1 pb.media01.eu hal90003.redintelligence.net
1 d.turn.com 1 redirects
1 cs.adingo.jp
1 simage2.pubmatic.com
1 adgen.socdm.com
1 tg.socdm.com
1 ad.tpmn.co.kr
1 cw.addthis.com
1 contextual.media.net
1 sync-t1.taboola.com
1 sync.outbrain.com
1 crb.kargo.com
1 adservice.google.de securepubads.g.doubleclick.net
1 widget.us.criteo.com staging-dbr-pwa-posthaus.ecosweb.dev.br
1 sslwidget.criteo.com 1 redirects
1 mug.criteo.com staging-dbr-pwa-posthaus.ecosweb.dev.br
1 static.criteo.net www.googletagmanager.com
1 ipv4.icanhazip.com staging-dbr-pwa-posthaus.ecosweb.dev.br
1 df.pmweb.com.br cdn.pmweb.com.br
1 c.bing.com 1 redirects
1 t.co staging-dbr-pwa-posthaus.ecosweb.dev.br
1 analytics.twitter.com static.ads-twitter.com
1 cdnjs.cloudflare.com www.googletagmanager.com
1 static.ads-twitter.com staging-dbr-pwa-posthaus.ecosweb.dev.br
1 www.googleadservices.com www.googletagmanager.com
1 cdn.pmweb.com.br staging-dbr-pwa-posthaus.ecosweb.dev.br
1 onesignal.com cdn.onesignal.com
0 staging-dbr-ws-site.ecosweb.dev.br Failed staging-dbr-pwa-posthaus.ecosweb.dev.br
352 108
Subject Issuer Validity Valid
*.ecosweb.dev.br
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.ecosweb.com.br
Go Daddy Secure Certificate Authority - G2		 2021-12-20 -
2023-01-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.pmweb.com.br
Amazon		 2021-07-20 -
2022-08-18		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
ad.tpmn.co.kr
GTS CA 1D4		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2020-04-24 -
2022-06-02		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
adv-srv.office-partner.de
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
singles.parship.de
Cloudflare Inc ECC CA-3		 2021-06-29 -
2022-06-28		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh

This page contains 39 frames:

Primary Page: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Frame ID: B7CBB2C9A18EDCD2C199883BE1F2A3E2
Requests: 118 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313091364&tc=1
Frame ID: 1FA76868C3B4468450A90AB7226CB19E
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2_home&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313092516
Frame ID: B61ED5FE56443905AF74183842E6CBD8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=staging-dbr-pwa-posthaus.ecosweb.dev.br&origin=onetag
Frame ID: 54307720C74F4667C3AE86176B6C7A25
Requests: 2 HTTP requests in this frame

Frame: urn://uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Frame ID: 668058DD9BEB74D12D0D879631308C14
Requests: 15 HTTP requests in this frame

Frame: urn://uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Frame ID: 3D63F7474EB4A0742D0E1ECB91AA4295
Requests: 16 HTTP requests in this frame

Frame: urn://uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Frame ID: 9418807760140D7A3A07B3F063C72DA9
Requests: 17 HTTP requests in this frame

Frame: urn://uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Frame ID: 3455C07CE682E011F170EF45E2542B2C
Requests: 15 HTTP requests in this frame

Frame: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo
Frame ID: 5D1CDED3A3D3EB446BAC2432E434D32B
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNW8dkd2YqQ81GxRdVuc2azotLhaSnjWoSUaCoy56WhArtI9CtGxr33ZZLXJ-Jh4iMjFUgPxtjKVq9aZITG0eYwgLy7BCxqPOyU-VXqGrauI5IG6NhSMhhfCz3nduHHNjFv4V3ZUpefo_UjqrH9oPVYGLsbp-YEerv3A2nHEuUXxjLCa-D8
Frame ID: 18838DC65B79B3FEE962BEA8CCDF9EFE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV0mVND8Eu1S6OlcVc1u-P4FAiC6-YgaSwRt34Mzc6uvGv_Vo-XVkKUt_TceXSCTebvK7o5w9I8NgrG2KnT4vgDzZJbUXZunpUJ8MiXmU875Qaiwla1RB9wBSeUyYwS8toHq0gLdIljtVP29dl_n7K7V29RvcXjhv49Yih7vUDd3sJhFEo
Frame ID: F5362097459C952F07F521FFC11342D5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVm7Y7Xl6Jh4BUp9a9jMiwlkwW5PfJT-VOmfbuRlvMrNnGRPcoSTP7bUvLiwNLx2QPDG64nu1bpQyUHR5E4qTliMkTdJYPJ3rpDB0GwY0J1Hd43NupN20I1w-BlV3jq_TKEneQhf6KuJZeweiuSHf8lfEZm6qKbZSyPDaKBF7nOQI5HpNw
Frame ID: 2A2B371B32A6843AE70376BCFBA9FDB3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUqr9aQdvgrkAIUiZQJRJNGrhGq49KofNiKMHPJNTJSCUTJn2PoahpWBmU8fiAgj0RmDGRQjfewvhk5UrZeo9CYI9O5gH4zwwlUSG0FeIH25Jd0rvN93fbO0TalRa9AlfqeejskURqXaevwVMCZR9EpY_nlPr3uBpuCNq9N9AGcj1M5SEM
Frame ID: 9A971114DBCC97CBD997A2B048758AC3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC88536B328518610CA773D015021737
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 253738AACE5C07652FBE16A68A164D5A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 587635D23AC290FB7B1A389442E829D9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0771ACC00A5B93AED2BDD47F3EF0D936
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F36C5728F1478D7304A0859F3A2B1C46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB5B75B5E3ACC18EA0F492F4433BB5E8
Requests: 2 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4B73F45414CA51F4E84FD89049F1271A
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Frame ID: 0B35213458342E76532BEF1866D206C8
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545
Frame ID: 946715671B132E1A81A44CECCAD21EEF
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Frame ID: 31806CA93D0F4F3273E327A33D78E6C1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D3B0F7B09CF74AAE0C2560AB5616539
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 419CB2F040EE2D9676EFC0693F28A68A
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Frame ID: 059F45CD8E3A0F6FFB4462C920A7ED47
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299
Frame ID: BA33F998509EA8D05818BECDAA5F36B1
Requests: 2 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Frame ID: 3AD0AC6E04631B86B0CC1AEC9B0C72B6
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F6AA434BE1EE2DF33A847AA17F44100
Requests: 9 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 7572332564C5B5312C7648CB49BC12AA
Requests: 2 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Frame ID: D8A634D8B7CB051E3AC98B810C5D65DE
Requests: 8 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549
Frame ID: E39821EAD4299379B9A7EE942DDBDC81
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Frame ID: 43BAB89F13EDF4DFF47803C8B9CF488C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9A1A3F1E890C0DE115104DE352182F6
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=10227400239371300710584011852003&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 21F2E802112EA1368E2881D9FC6D05F7
Requests: 1 HTTP requests in this frame

Frame: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 419BDACB8C9B60C2D6403AC4A2508AD8
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616
Frame ID: 4388B142BA84D53A4C1EACBFA6C38412
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Frame ID: 128C89E1F8EABED8B26F60200C5A0E91
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49B08FB30616DC9DBB76B062C744267A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Posthaus - Roupas femininas, plus size, infantil e mais!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

352
Requests

81 %
HTTPS

30 %
IPv6

78
Domains

108
Subdomains

87
IPs

15
Countries

3118 kB
Transfer

6970 kB
Size

99
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313091364 HTTP 302
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313091364&tc=1
Request Chain 65
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=BF48E30699D948A588E68602871A00A0&RedC=c.clarity.ms&MXFR=128893F06EDE6E9D20B482C96ADE60A3 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=BF48E30699D948A588E68602871A00A0&MUID=24C48635B5E4637F2ABA970CB43662B7
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ecosweb.dev.br&sn=ChromeSyncframe&so=0&topUrl=staging-dbr-pwa-posthaus.ecosweb.dev.br&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qGL1MnxLaGJYLzh4ZE5mRlVDcTF2anIwR0REOGZKWis0K0lEOUdhVXZ3N3ZZSlJTZDl3L0ROd3FDTkpQdHNBVmlXczBac0czNEt1dHV2TTlpMjVNTU5UMStFUDBzblZBTDZNL2dINFhkQlFMSy9wQ05UeDd4NlBaVm84TEMvaUVXazJ3eDVjbmhTaWllNTlXS25Ga0czdW9zZFJWRUtTM1R6WUJDOWdabk5TSElQYk0rdlFGOUROL1RId1BONnNzemlZdE1XMUVaUE1LZzA0MUd0ZlNwcldoNnpQY3MxVmRtOWdBSXUxays2OVVmeUkwbXZKaDgxUEppMVdUZi8zNHpBcUthSEY4Qkp6WnV0OVE2cXdNUE1ZdTVrUT09fA&cppv=2
Request Chain 110
  • https://sslwidget.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbWZyT3F0dmZwJTJGUFlpOXh2bkRyRVVNVXBjVmMxTWx5c2l0ODJmUnVUJTJGUVZYNCUyQnhCY1lxaVJwWUFpbmwlMkJIT0t1Z0hUaTMwQSUyRjVXY3NzTiUyQnclMkJJeW9CSWw2ODJFRnd5cTNBY3dwNjBXUm9MNEY4cngwSmt4N3clM0QlM0Q&tld=ecosweb.dev.br&dtycbr=1833 HTTP 302
  • https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbWZyT3F0dmZwJTJGUFlpOXh2bkRyRVVNVXBjVmMxTWx5c2l0ODJmUnVUJTJGUVZYNCUyQnhCY1lxaVJwWUFpbmwlMkJIT0t1Z0hUaTMwQSUyRjVXY3NzTiUyQnclMkJJeW9CSWw2ODJFRnd5cTNBY3dwNjBXUm9MNEY4cngwSmt4N3clM0QlM0Q&tld=ecosweb.dev.br&dtycbr=1833
Request Chain 121
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1YZDBCeEZvcjFVeW8yYVQxNmh2bnNEeW55cm9DWXVvWVZlcE8yUQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 124
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7932158940085761062
Request Chain 128
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-oEMrKFor1Uyo2aT16hvnsDynyrqi771EBOPFsQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-oEMrKFor1Uyo2aT16hvnsDynyrqi771EBOPFsQ
Request Chain 130
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mwn2Flor1Uyo2aT16hvnsDynyrqdqPB49QY_TQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mwn2Flor1Uyo2aT16hvnsDynyrqdqPB49QY_TQ&verify=true
Request Chain 131
  • https://pixel.advertising.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1&apid=UP87c58796-7faa-11ec-9a03-02aec6d80f0c
Request Chain 134
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-U-pUU1or1Uyo2aT16hvnsDynyrrOB4i-qJoirQ&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U-pUU1or1Uyo2aT16hvnsDynyrrOB4i-qJoirQ&expires=30
Request Chain 135
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Gi5_r1or1Uyo2aT16hvnsDynyrow20mvZhjT6Q HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Gi5_r1or1Uyo2aT16hvnsDynyrow20mvZhjT6Q&C=1
Request Chain 138
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&custom=&tag_format=img&tag_action=sync&custom=&cb=9f43533a-c8b5-4929-8b6f-2862c6e619a6 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=9f43533a-c8b5-4929-8b6f-2862c6e619a6&final=true&reqid=87f10410-7faa-11ec-aa3b-692d76396350&timestamp=2022-01-27T19%3A51%3A34.353Z
Request Chain 140
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1&C=1
Request Chain 175
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL3xgTUAQLQXxf-WeOEkQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOfHBHA7ChoBQjWAX-vW8Bs&google_cver=1
Request Chain 177
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzMjE1ODk0MDA4NTc2MTA2Mg%3D%3D
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPBQ9-nQvXnklckpv1iFtsU&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPBQ9-nQvXnklckpv1iFtsU&google_cver=1&__user_check__=1&sync_id=87e76c77-7faa-11ec-9e9d-1365eaaf0306
Request Chain 187
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=87e17ed8-7faa-11ec-befd-14604df00406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODdlMTdlODItN2ZhYS0xMWVjLWJlZmQtMTQ2MDRkZjAwNDA2
Request Chain 199
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=gtWTm_d5g79LvQLwT7O7CTkvGx-BWaSJ
Request Chain 209
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/IQGHf7jwtW1fwyr4cBF_YU67FYXjQ__6/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4507735809063745101
Request Chain 210
  • https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 211
  • https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 212
  • https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 213
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 220
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 221
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=43952400224573300710584011852015&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Request Chain 223
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545
Request Chain 229
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 230
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=51134500273550600710580011852004&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Request Chain 232
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299
Request Chain 237
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 238
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=92233500244512200710584011852014&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Request Chain 240
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549
Request Chain 245
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=10227400239371300710584011852003&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=10227400239371300710584011852003&actionid=731824&produktid=businessgiro&dt_url=
Request Chain 246
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains HTTP 301
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Request Chain 248
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616
Request Chain 250
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=10227400239371300710584011852003 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 267
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC3F6f9kwsNKZbGtAa6ymds&google_cver=1&google_push=AYg5qPIbZc3P55zNfOjiMAif-7AR4ojzn7Xw0gkvs0yLRUou-4H0EzQu7F1cmOEOGyVRmsQqggF3UQQI3lGasaWg8UfI1UmeAhg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUwNzczNTgwOTA2Mzc0NTEwMQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC3F6f9kwsNKZbGtAa6ymds&google_cver=1
Request Chain 268
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDGvOdza3wRRtVaOMalUKjI&google_cver=1&google_push=AYg5qPI70bCe7kJ8jZQjYZo5JsBmrPCp0VQeOlqmO-PYphMo6dcG9bcJsXV_A7TrH9caII2QSj0eNReiQhwZtKWerD1IPgtuqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI70bCe7kJ8jZQjYZo5JsBmrPCp0VQeOlqmO-PYphMo6dcG9bcJsXV_A7TrH9caII2QSj0eNReiQhwZtKWerD1IPgtuqw
Request Chain 271
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOmIlQJWYfN_Pf3SKMlWvgzE HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOmIlQJWYfN_Pf3SKMlWvgzE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwNDYwMzg2MDgyODMxNjI2NA&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOmIlQJWYfN_Pf3SKMlWvgzE
Request Chain 272
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPK6_k-fgIawA_1evERpoHAfGT5imYS8HrvRosYRZQSMhvFK3cgDdLQjtezMgFX_nLkuY4VNAloeK7qEzmrzj0yIEXfZxzQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6_k-fgIawA_1evERpoHAfGT5imYS8HrvRosYRZQSMhvFK3cgDdLQjtezMgFX_nLkuY4VNAloeK7qEzmrzj0yIEXfZxzQ
Request Chain 279
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHK3dH5gMFlN9oLxws_OdVM&google_cver=1&google_push=AYg5qPInDt-C8e0EPWeWDQ0BFFlGCPryw67vwKUyin7St68yJlSyro9KpKgy4OHTEVTQAIynlkhwSLmrRy09dIMwT0K5UvrPz_3BLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDY4MjY0MQ%3D%3D&google_push=AYg5qPInDt-C8e0EPWeWDQ0BFFlGCPryw67vwKUyin7St68yJlSyro9KpKgy4OHTEVTQAIynlkhwSLmrRy09dIMwT0K5UvrPz_3BLA
Request Chain 280
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDu0zfGJS6uaoBxRhVWapFQ&google_cver=1&google_push=AYg5qPIOOtE9g2WoXrlCONcagI0uSdOnXQUB6HD6H_KZmzwHtrMNFt5gLWfN29Py4VEnmen2OSURwiynd6XXiYVWIbhc7KqO57l0LQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9NumdgOsQp6iz6wpwj6mQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIOOtE9g2WoXrlCONcagI0uSdOnXQUB6HD6H_KZmzwHtrMNFt5gLWfN29Py4VEnmen2OSURwiynd6XXiYVWIbhc7KqO57l0LQ
Request Chain 281
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKxIOuQhgknZzJiaPvcZ_E0&google_cver=1&google_push=AYg5qPIyFO_xk8ghpqVb65kS_Cf7tvoPQ283rK08Aj3PqmYqm5xnO8Fv86Z6BwZ5x33sw8XrnWmynLbpOL5D_GpXUERXd8p8Ul79dg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSQzgtMUwtNkVWQg==&google_push=AYg5qPIyFO_xk8ghpqVb65kS_Cf7tvoPQ283rK08Aj3PqmYqm5xnO8Fv86Z6BwZ5x33sw8XrnWmynLbpOL5D_GpXUERXd8p8Ul79dg
Request Chain 282
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPI8S8zPoN_cP3ogj3uFkAlnl04HaRdzxHp8r0_xX7Cv9y3TTZauZQuH4kUQgkBnQpL4zNboOxmQlRaWtawY7Vu7314CAzvbSw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8S8zPoN_cP3ogj3uFkAlnl04HaRdzxHp8r0_xX7Cv9y3TTZauZQuH4kUQgkBnQpL4zNboOxmQlRaWtawY7Vu7314CAzvbSw
Request Chain 283
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEO1gHzdCarzm6pQDjF6elw8&google_cver=1&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
Request Chain 284
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAt_QQ5Je7sUA8FSG3pzx1M&google_cver=1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1643313095355 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0cab4007-bef2-4d3a-9753-d516fd605943-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg%26google_hm%3DAwyrQAe-8k06l1PVFv1gWUM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg&google_hm=AwyrQAe-8k06l1PVFv1gWUM
Request Chain 287
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIG0WvLRZ8Fh7fjClRA3dAU&google_cver=1&google_push=AYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG0WvLRZ8Fh7fjClRA3dAU&google_cver=1&google_push=AYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 288
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHSOO8QbuIc8uZCZETJ_H0U&google_cver=1&google_push=AYg5qPILnWZry1wCYfAqL8UQpStX48i7ldGyAj-ExxGnD9MT6e4wtTpLfhjeScBOs9msdWVE_io-Sr3aqg-JbyuNSG_ew5kqS9YuiA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPILnWZry1wCYfAqL8UQpStX48i7ldGyAj-ExxGnD9MT6e4wtTpLfhjeScBOs9msdWVE_io-Sr3aqg-JbyuNSG_ew5kqS9YuiA&google_hm=1YeUx3erR3m-ehjeZGPNMqI
Request Chain 289
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHK3dH5gMFlN9oLxws_OdVM&google_cver=1&google_push=AYg5qPJ_9c_6Pyv-s05XUr0FCJGHj7bKyKqcYJy6QP9ylFOMj86NtfcLOXHjzNIj40Z1h5-zbX_doxubUQ4voTHHZFIf9vhBwDdT1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDI4OTQyNw%3D%3D&google_push=AYg5qPJ_9c_6Pyv-s05XUr0FCJGHj7bKyKqcYJy6QP9ylFOMj86NtfcLOXHjzNIj40Z1h5-zbX_doxubUQ4voTHHZFIf9vhBwDdT1A
Request Chain 290
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvSQ8rZIEaLT91bkTCGX4AYqDmw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvSQ8rZIEaLT91bkTCGX4AYqDmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEyNzM3MDQxMjgyOTk1Mjk3MA&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvSQ8rZIEaLT91bkTCGX4AYqDmw
Request Chain 291
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPK9HITdtx0aCrmE63oRcFF0O70qxog_d85cCKWoflHns72nld-oh57ghx--l0eBVSQ8qDVZ1hF8tYvo4p2eEw-EQhzGlrhC7g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK9HITdtx0aCrmE63oRcFF0O70qxog_d85cCKWoflHns72nld-oh57ghx--l0eBVSQ8qDVZ1hF8tYvo4p2eEw-EQhzGlrhC7g
Request Chain 292
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGYelkHHg42zqJrF8CGASi8&google_cver=1&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0qla51FIkF3lkSzIhEQEx2pDcE9aGFG51Og7a39_S6SYh-yQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGYelkHHg42zqJrF8CGASi8&google_cver=1&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0qla51FIkF3lkSzIhEQEx2pDcE9aGFG51Og7a39_S6SYh-yQ&apid=UP87c58796-7faa-11ec-9a03-02aec6d80f0c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4N2M1ODc5Ni03ZmFhLTExZWMtOWEwMy0wMmFlYzZkODBmMGM%3D&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0qla51FIkF3lkSzIhEQEx2pDcE9aGFG51Og7a39_S6SYh-yQ
Request Chain 296
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cver=1&google_push=AYg5qPKBuKLLNymeiZJQdanr7f7lriilm4v984aKf4c1WfVpL7LU-zDnGjubH0VG_a7DOkx6wHtEpfJ8uL9UdYuAm010nvs9eH8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cver=1&google_push=AYg5qPKBuKLLNymeiZJQdanr7f7lriilm4v984aKf4c1WfVpL7LU-zDnGjubH0VG_a7DOkx6wHtEpfJ8uL9UdYuAm010nvs9eH8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlFmS0xlSmYxTmRhTlY1&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cver=1&google_push=AYg5qPKBuKLLNymeiZJQdanr7f7lriilm4v984aKf4c1WfVpL7LU-zDnGjubH0VG_a7DOkx6wHtEpfJ8uL9UdYuAm010nvs9eH8
Request Chain 298
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHK3dH5gMFlN9oLxws_OdVM&google_cver=1&google_push=AYg5qPJiXEu2nNlwvyiVGNG0UtuFUMppL2AGB-HstRE0JApqvf10mLK7XzD-g_hYMlUBQtWfg1UILGmfhRDNlC33xmncJLWTgdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMTAxMDMzMA%3D%3D&google_push=AYg5qPJiXEu2nNlwvyiVGNG0UtuFUMppL2AGB-HstRE0JApqvf10mLK7XzD-g_hYMlUBQtWfg1UILGmfhRDNlC33xmncJLWTgdg
Request Chain 299
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKxIOuQhgknZzJiaPvcZ_E0&google_cver=1&google_push=AYg5qPJpl7VxKehcBvrBmD4zElDdLdyOM0St_0m7e5c36QwssbyIa6dWHfzPK3ORFj1VfBI8l2npFe9kW5dmVLec6D2gmVtlrg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSSEUtMU8tQlVOVA==&google_push=AYg5qPJpl7VxKehcBvrBmD4zElDdLdyOM0St_0m7e5c36QwssbyIa6dWHfzPK3ORFj1VfBI8l2npFe9kW5dmVLec6D2gmVtlrg
Request Chain 300
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM
Request Chain 301
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPKS1yVy7QhYuWVizmgy_6-PHRKhkEWBcEcdJZH55U6IiguMB-9R6aDAJ8Q1sXzw4cyKjOFANfYlPcWGTl-27RyqZskcZgI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKS1yVy7QhYuWVizmgy_6-PHRKhkEWBcEcdJZH55U6IiguMB-9R6aDAJ8Q1sXzw4cyKjOFANfYlPcWGTl-27RyqZskcZgI
Request Chain 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAt_QQ5Je7sUA8FSG3pzx1M&google_cver=1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1643313095354 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0cab4007-bef2-4d3a-9753-d516fd605943-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw%26google_hm%3DAwyrQAe-8k06l1PVFv1gWUM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw&google_hm=AwyrQAe-8k06l1PVFv1gWUM

352 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		106 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
5ae5c20828dd70814e9700d5acabb9a7c7403494da12620c36a03043ea9046b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Jan 2022 19:51:26 GMT
dbr-company
posthaus
dbr-device
desktop
dbr-orquestrador
true
etag
W/"1a777-jqyc9qucmk7YWQJPmDc+RoMqGTk"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:18:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:27 GMT
vendors~app.css
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
e25840c5281b7367276ccd9086150402ee584b32242fa0fce5a47b79a31f0b78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:25 GMT
x-frame-options
SAMEORIGIN
etag
W/"9254-17e988d0208"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
app.d6f218c2c5ac329f0c62.bundle.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		615 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/app.d6f218c2c5ac329f0c62.bundle.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
f1ffbc84839ac4ef3032fd2bbc52f8543d09e414ce447528b36cb4c781b9f799
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:24 GMT
x-frame-options
SAMEORIGIN
etag
W/"99cf9-17e988cfe20"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
polyfills.6c4275ad25d099142998.bundle.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/polyfills.6c4275ad25d099142998.bundle.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
7cbf0f8a8a0cfb31561ba78e03128c09a57beff4dd07f37f11a3b2f120705ca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:25 GMT
x-frame-options
SAMEORIGIN
etag
W/"1eed-17e988d0208"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
vendors~app.34695cf0dc5e60fc7077.chunk.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		643 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
dc128e01895c3673761c6d95107a8bd3bf9605e6cc56cddbc3a242f7b3ff655a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:25 GMT
x-frame-options
SAMEORIGIN
etag
W/"a0a96-17e988d0208"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
home.fcc9f923176363b12784.chunk.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/home.fcc9f923176363b12784.chunk.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
20dbcc48ffb976237082ff4b9113ae1912e2774043f4113a3b30bce1cfa3b67f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:24 GMT
x-frame-options
SAMEORIGIN
etag
W/"3c89-17e988cfe20"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
desk-home.fcc9f923176363b12784.chunk.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/desk-home.fcc9f923176363b12784.chunk.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
1a58042ff47729c4da77cbb690218d461cc04195c365f6bc17d61bbcb3b1f7d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:24 GMT
x-frame-options
SAMEORIGIN
etag
W/"4d5c-17e988cfe20"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
desk-product-list.55194cb73643539c1c8e.chunk.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/desk-product-list.55194cb73643539c1c8e.chunk.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
54f4d60f804042e75dd677b4f2cb57c5dd1744a8b2d4c4b2a42a6a04e88e0fad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:24 GMT
x-frame-options
SAMEORIGIN
etag
W/"7302-17e988cfe20"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
product-details.94d0f6349ae3ef70ac80.chunk.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/product-details.94d0f6349ae3ef70ac80.chunk.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
3c7aa3ba0aeef9b70abc6a75639fdba23f7ab13491c22c9b91d5d34600eec809
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:25 GMT
x-frame-options
SAMEORIGIN
etag
W/"3ea5-17e988d0208"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
ic-navbar-logo.svg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ic-navbar-logo.svg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
last-modified
Thu, 27 Dec 2018 19:29:01 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
2614
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-mastercard.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		853 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-mastercard.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:59 GMT
server
Apache
age
0
etag
"355-5b5e51dffe0c0"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
853
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-visa.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		629 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-visa.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:00 GMT
server
Apache
age
0
etag
"275-5b5e51e0f2300"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
629
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-amex.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		534 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-amex.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:54 GMT
server
Apache
age
0
etag
"216-5b5e51db39580"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
534
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-caixa.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-caixa.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:55 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
876
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-hipercard.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		771 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-hipercard.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Wed, 25 Jul 2018 19:05:44 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
771
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-elo.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		781 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-elo.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:56 GMT
server
Apache
age
0
etag
"30d-5b5e51dd21a00"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
781
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-discover.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		762 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-discover.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:55 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
762
expires
Fri, 28 Jan 2022 19:51:31 GMT
img-reclame-aqui.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-reclame-aqui.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:01 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1152
expires
Fri, 28 Jan 2022 19:51:31 GMT
img-ebit.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-ebit.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:49:00 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
1139
expires
Fri, 28 Jan 2022 19:51:31 GMT
img-go-daddy.jpg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-go-daddy.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 14:25:14 GMT
server
Apache
age
0
etag
"bc6-5a68ddd21398d"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
3014
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-facebook.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		197 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-facebook.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:56 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
197
expires
Fri, 28 Jan 2022 19:51:31 GMT
ic-instagram.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/icons/ic-instagram.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
via
AX-CACHE-4.1:113
last-modified
Mon, 07 Dec 2020 19:48:58 GMT
server
Apache
age
0
etag
"c9f-5b5e51df09e80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
3231
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:31 GMT
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
539968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 13:52:02 GMT
fontawesome-webfont.woff2
staging-dbr-pwa-posthaus.ecosweb.dev.br/assets/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.css
Origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:30 GMT
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
content-length
77160
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:24 GMT
x-frame-options
SAMEORIGIN
etag
W/"12d68-17e988cfe20"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
997
date
Thu, 27 Jan 2022 19:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 27 Jan 2022 21:34:54 GMT
gtm.js
www.googletagmanager.com/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38b1c219fe6f56f32447651c708acb690e03ee0bfaf27fde08583ded31ae3e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85153
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:31 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/app.d6f218c2c5ac329f0c62.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3576
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d4484241e46920b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Jan 2022 19:51:31 GMT
vendors~desk-home~home.56a60e86694745efdfcf.chunk.js
staging-dbr-pwa-posthaus.ecosweb.dev.br/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~desk-home~home.56a60e86694745efdfcf.chunk.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/app.d6f218c2c5ac329f0c62.bundle.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
177.101.99.62 Blumenau, Brazil, ASN28343 (Unifique Telecomunicacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
d8c4476bab111efd48e842ebb2618092008da3869f86314ece934c72dc9c599a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
dbr-orquestrador
true
x-dns-prefetch-control
off
dbr-company
posthaus
vary
Accept-Encoding
x-xss-protection
1; mode=block
dbr-device
desktop
last-modified
Wed, 26 Jan 2022 22:41:23 GMT
x-frame-options
SAMEORIGIN
etag
W/"ecdc-17e988cfa38"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3575
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d4484243e86920b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Jan 2022 19:51:31 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Jan 2022 20:48:34 GMT
js
www.google-analytics.com/gtm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KMRF2H8&cid=509527467.1643313091
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
web
onesignal.com/api/v1/sync/7ec740a9-5a39-4226-84bb-3159b70dd38b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7ec740a9-5a39-4226-84bb-3159b70dd38b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf9bb6a04e158a4259c7a1ddcccb460c069c95bd252bb1fd061a2a69d1bbf9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200 OK
x-envoy-upstream-service-time
28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e081af9e-3077-4bb7-8598-b3f132a05164
x-runtime
0.026534
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bbf9bb6a04e158a4259c7a1ddcccb460"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d448424af65920b-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 27 Jan 2022 20:51:31 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RF7L3756SK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c7188156e3220b6c96061728d90cb3fd8e8b7a91f16d647c835fcd03efac081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62384
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:51:31 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PL4DYBH48C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e40e39ad2df24aef14900976dda5577cdf932ee9897044247ab20d6a5f1a4cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62378
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:51:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e4ae35cb48a049bfc6702536b8caee2523a58b6e0583a31d4cff3136b86c1a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27130
x-xss-protection
0
server
sffe
etag
"1115 / 31 of 1000 / last-modified: 1643303726"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 27 Jan 2022 19:51:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
jKvXLs7JRaYeqbLfJo4MhEt0jI9iuTVEF3ubeZ1LZSChcds+cE49i3DBgSbokg7YiNCCezo0r429D8taowZ1pg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 27 Jan 2022 19:51:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
cdn.pmweb.com.br/df/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.230.146.239 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
68735f7b79a4c29bb494587c67e67906047dbb800e66d50f67cd8963c459b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 18:34:31 GMT
Server
nginx
ETag
W/"61f042b7-4452"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=300
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Length
6918
Expires
Thu, 27 Jan 2022 19:56:32 GMT
tags
us.creativecdn.com/ Frame 1FA7
Redirect Chain
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1...
  • https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313091364&tc=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Redirect headers

date
Thu, 27 Jan 2022 19:51:31 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-max-age
3600
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2&ncm=1&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313091364&tc=1
content-length
0
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14855
x-xss-protection
0
server
cafe
etag
17539559064140624452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Jan 2022 19:51:31 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:30 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2AFA73B1B8CC4527A7353BDB830CC6F5 Ref B: FRAEDGE1311 Ref C: 2022-01-27T19:51:31Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100142-IAD, cache-fra19168-FRA
events.js
analytics.tiktok.com/i18n/pixel/ 		119 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20220127195131010113006071123773AA
vary
Accept-Encoding
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
91,92.123.107.84
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc3f875d52631510e4e5665692b78501a41812b0882bcb4400f3a349cae6dd00245bcde112a72343c6dbc71ef6f0b6aa4a61dc9a80394405ceb52dc4ed2a49f36646f101f76fe7bc6509f0b8e52aba0b047
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=90
x-akamai-request-id
7e387f98
expires
Thu, 27 Jan 2022 19:51:31 GMT
logoLareLazer.svg
ph-cdn3.ecosweb.com.br/imagens01/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/logoLareLazer.svg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 14:14:06 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=43200
accept-ranges
bytes
content-length
1521
expires
Fri, 28 Jan 2022 07:51:31 GMT
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
914
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930c-cb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIBkHjvpu%2FMeMNCq4A0uyxkQjYArGl%2FyOGlhN2pnYshD5BAS703acjEuH9Y4YJg3Wv92Xxclrw5lmB%2B1a4zKnSxEmEiux3X86WG3k8M8d8OckkCePZHKH%2BOsuvQbKK0jshs%2BX8cZfbTfvcLe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d44842639ac914a-FRA
expires
Thu, 27 Jan 2022 19:56:17 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
209355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLB8s88rjgU9bK4QbfFMTdh0YIN8Oi2J3k9bS2jN8c%2BDqMoqXF%2FipJeLJLguvgidDwHO4pdgeka7osGTUlZ%2B73qC1YmAJFzHIF9uGRjBwdPHhstISfu6LSyMxjMot2LPSfTmV7yWEp%2BK5X0Za%2BSNc5GZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d4484263be89207-FRA
expires
Tue, 17 Jan 2023 19:51:31 GMT
1040557206700558
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1040557206700558?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa4eaf475d19a34d07ff14c8c3e3183cb520fefbdec3f51780aee70e2718ebf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
XlTyJjpUEhSyRo0xU6JsAMx6uiKvuJJ7jRdFHwPIad3kZQDY8bkxayp4cyRz4Q+BWbsoxmFalzZR4snee3nzXw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 27 Jan 2022 19:51:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
4074602.js
bat.bing.com/p/action/ 		680 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4074602.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fea60809cf148839eb77568352e7ef2d9b156db8978b64ae5bb5b16018a18f74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:30 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E56907FA92746C08491EF5C7FCFDCBE Ref B: FRAEDGE1311 Ref C: 2022-01-27T19:51:31Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
579
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4074602&Ver=2&mid=78e57257-5a33-4aeb-adc5-939025645954&sid=8636f3a07faa11ecb42be5d548d025d1&vid=86370fc07faa11ec8677cdc6194ad8c1&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Posthaus%20-%20Roupas%20femininas,%20plus%20size,%20infantil%20e%20mais!&p=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&r=&lt=6390&evt=pageLoad&msclkid=N&sv=1&rn=828913
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A61F390D34145299C201F7C1C3F18B3 Ref B: FRAEDGE1311 Ref C: 2022-01-27T19:51:31Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RF7L3756SK&gtm=2oe1o0&_p=2002518891&sr=1600x1200&ul=en-us&cid=509527467.1643313091&_s=1&dl=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sid=1643313091&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RF7L3756SK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PL4DYBH48C&gtm=2oe1o0&_p=2002518891&sr=1600x1200&ul=en-us&cid=509527467.1643313091&_s=1&dl=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sid=1643313091&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PL4DYBH48C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1040557206700558&ev=PageView&dl=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&rl=&if=false&ts=1643313091556&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.2.1643313091554.1846665690&it=1643313091405&coo=false&rqm=GET
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 27 Jan 2022 19:51:31 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 18:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Jan 2023 18:03:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		58 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=staging-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
22d7ce21ddc25895fb3864c49426286538d566a788788761d93cf6847af95d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
expires
Thu, 27 Jan 2022 19:51:31 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1643313091573&cv=9&fst=1643313091573&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b243631b2049e2222ee338f14a169594a7e07fcaed5f24787c0b0b1bb3a5db0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3c3a1ecc-13e6-45a5-bc71-db037253c8c1&tw_document_href=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
107
date
Thu, 27 Jan 2022 19:51:30 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
081b92c9a60d3b49816fbdf545a3223761cb9d6349f9e513f52e69e4283d13c5
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx3zh&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3c3a1ecc-13e6-45a5-bc71-db037253c8c1&tw_document_href=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
112
date
Thu, 27 Jan 2022 19:51:31 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7fee8cf50d7c0f7af5d7da4f5a30d9e03b8b1840cff45d8e80a902430214b0b3
content-length
43
tracking.min.js
www.artfut.com/static/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1170
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930b-686e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jU22lZFz%2FQXRao6Xi9CdoUJY%2BXJEXWR%2FtzCDgVfvUTcgC78fkHhddb%2FwTgfWogTm06PHQp8wBY5d15nZbFPVpdpo84VB1RG590hnmz9mWT87J3oUJa42kX8hrviVUEuGDRiWEW1V75gQdQk8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d4484266a3b914a-FRA
expires
Thu, 27 Jan 2022 19:52:01 GMT
crossdevice.min.js
www.artfut.com/static/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=d11d781f62
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1161
pragma
public
last-modified
Mon, 21 Sep 2020 11:48:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f68930b-655c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRFSzDKvhXQ4c79I5tBg7hHmtjyP5wMGjunO3F9hSK5P6cOA3rNIGUSRtNBWC1tYpiX9DA8kLPLMhsWCAoVDAnTlSLTdM%2FdqFhbVyu%2F2cVB12fnZFhSJsypDPXIIJAdr8a0xxIXFF2xMqnOO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200, public
cf-ray
6d4484266a41914a-FRA
expires
Thu, 27 Jan 2022 19:52:10 GMT
/
www.google.com/pagead/1p-user-list/1048808556/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048808556/?random=1643313091573&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=1735009467&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048808556/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048808556/?random=1643313091573&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=1735009467&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
a4e2eb60.7e38815a
date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-222-81.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-parent-response-time
89,92.123.107.84
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=1
pragma
no-cache
server
nginx
x-tt-logid
202201271951310101131351391461772E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
2,23.218.222.81
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc333377c7cd719c0fa569bc6e86486f622faddbe188320cc043d6367e7545dd5fff8de4e683d9a3bcb1abfb025cf9ca36ab0c2c6a7ca3116c8e01a4ce607fa5fb4b418c8055272abd5ef8e6ae9491f4c9bedc77475e27ee5acea854ab56d753579
expires
Thu, 27 Jan 2022 19:51:31 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		708 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4SF02FPECQ6U88EVT00&hostname=staging-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a81249aee7ad648940c03b47a8a08e59b0d480424c0815cca32573ead2bb116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
7e3881a2
date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
server-timing
inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length
329
pragma
no-cache
server
nginx
x-tt-logid
2022012719513101011313509815363BB8
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,92.123.107.84
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc3f875d52631510e4e5665692b78501a41812b0882bcb4400f3a349cae6dd002453ebd40ba2047e1b46cedfcf588e99cd07ee121406ea896c0f477bb8b3a7073e1f8c28c8d294a426e5aa05fa259439e34
expires
Thu, 27 Jan 2022 19:51:31 GMT
clarity.js
d.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/4074602.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:31 GMT
content-encoding
br
etag
"1d811e72bf47200"
last-modified
Tue, 25 Jan 2022 12:29:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=BF48E30699D948A588E68602871A00A0&RedC=c.clarity.ms&MXFR=128893F06EDE6E9D20B482C96ADE60A3
  • https://c.clarity.ms/c.gif?CtsSyncId=BF48E30699D948A588E68602871A00A0&MUID=24C48635B5E4637F2ABA970CB43662B7
42 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=BF48E30699D948A588E68602871A00A0&MUID=24C48635B5E4637F2ABA970CB43662B7
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 865E621A58954BF590A040AD0C61CBA8 Ref B: FRAEDGE1311 Ref C: 2022-01-27T19:51:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=BF48E30699D948A588E68602871A00A0&MUID=24C48635B5E4637F2ABA970CB43662B7
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
pixel
analytics.tiktok.com/api/v2/ 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022012719513101011313509815363BCB
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
103,92.123.107.84
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc3f875d52631510e4e5665692b78501a41812b0882bcb4400f3a349cae6dd002453ebd40ba2047e1b46cedfcf588e99cd0742b7a752156bdd1bbc9dfab2697aa445c9fd523f2a41e703b17b570956127ee
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=0, origin; dur=103
x-akamai-request-id
7e3882b3
content-length
0
expires
Thu, 27 Jan 2022 19:51:32 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1040557206700558&ev=Microdata&dl=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&rl=&if=false&ts=1643313092058&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!%20%22%2C%22meta%3Adescription%22%3A%22Aqui%20no%20Posthaus%20voc%C3%AA%20encontra%20Roupas%20femininas%2C%20plus%20size%2C%20moda%20infantil%2C%20moda%20masculina%20e%20muito%20mais.%20Confira%20as%20promo%C3%A7%C3%B5es%20da%20moda%20e%20aproveite!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!%22%2C%22og%3Aurl%22%3A%22%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.2.1643313091554.1846665690&it=1643313091405&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 27 Jan 2022 19:51:32 GMT
collect
d.clarity.ms/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:51:32 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
/
df.pmweb.com.br/push/ 		2 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://df.pmweb.com.br/push/?aid=PM-NW3T6C&cid=545001643313092222&sid=136561643313092223&pvw=9d17d67d-63a4-4f08-a01e-52a174f9ed68&v=1.19.0&rs=1600x1200&tt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&ws=1600x1200&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F
Requested by
Host: cdn.pmweb.com.br
URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-NW3T6C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.230.146.239 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-230-146-239.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:33 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/plain
Access-Control-Allow-Origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2002518891&t=pageview&_s=1&dl=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEITQAAAAC~&jid=1057420397&gjid=1451959381&cid=509527467.1643313091&tid=UA-46607966-3&_gid=1594865279.1643313091&_r=1&_slc=1&z=450463001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipv4.icanhazip.com/ 		16 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.114.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c12a2e1c137d9d9a44b0066f5af75f857f02c1507853146687df8a74215be91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
6d44842c5a899225-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
tags
us.creativecdn.com/ Frame B61E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags?type=iframe&id=pr_hhX6cMuePreWPuw9xLe2_home&id=pr_hhX6cMuePreWPuw9xLe2_lid_HUh9EBLW8VThA3d2OtAX&su=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&sr=&ts=1643313092516
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers
ld.js
static.criteo.net/js/ld/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P89M654&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Jan 2022 19:51:32 GMT
img-cadastro-posthaus.jpg
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-cadastro-posthaus.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
27b6f64d8af49d6bbe36f5c3fa80213bafd6ee55a624d2194e067b2e4a249184

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 18 Jan 2022 11:30:58 GMT
server
Apache
age
2030
etag
"14515-5d5d99a5dadf1"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
83221
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:32 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
569 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4SF02FPECQ6U88EVT00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022012719513201011300613912418562
x-cache
TCP_MISS from a92-123-107-84.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
100,92.123.107.84
x-tt-trace-host
01cb60dede288504f6278ad57ccf6d3bc3f875d52631510e4e5665692b78501a41812b0882bcb4400f3a349cae6dd00245244f997d9878ba802398f71f7da6f151b6bddf7cde694e64e241dd4904e975879c3b07cbcc5372efc1e5e7b683e33eb2
server-timing
inner; dur=13, cdn-cache; desc=MISS, edge; dur=1, origin; dur=100
x-akamai-request-id
7e388841
content-length
0
expires
Thu, 27 Jan 2022 19:51:32 GMT
/
staging-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/ 		0
0
/
staging-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/ 		0
0
/
staging-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/ 		0
0
/
staging-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/ 		0
0
v10
staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/ 		0
0
v10
staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/ 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/?random=1643313092585&cv=9&fst=1643313092585&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8234095c4d6495e0588aff7b14132450368c3b9c3aac41ae556028742deb715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946508691/?random=1643313092587&cv=9&fst=1643313092587&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f626080b7691b566199c53e0d4bc86026350f8ccc728bc560e804c8eb7d84bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1173
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1048808556/?random=1643313092588&cv=9&fst=1643313092588&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8aad3edde45bb3026e34d765b4720fa7065399b7416577a58df93e74e35bf90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1053199656/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1053199656/?random=1643313092589&cv=9&fst=1643313092589&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa0d53d2b7c918d764f7ef97168ca41d32d37459eb29348a726c9f9b7cf51e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0_0_100199833_1_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_1_1600.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
b8bc2b0c3cefbfe12f3fa652082bf50cf410c188eb00c33cf1fd158d349acefa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:05 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
51322
expires
Fri, 28 Jan 2022 07:51:33 GMT
0_0_100199833_2_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_2_1600.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
4bb51ef7c4c8f46e4a26dc7352da4f084ead0ff11931c0eaa7e6686ecf6662af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:05 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
74087
expires
Fri, 28 Jan 2022 07:51:33 GMT
0_0_100199833_3_1600.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199833_3_1600.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
115a0b9f6e83e14fba30797e97df2fc5bce3d2ee03755aed21ea7d983e22c941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:01:06 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
66303
expires
Fri, 28 Jan 2022 07:51:33 GMT
img-frete-gratis.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-frete-gratis.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5962
expires
Fri, 28 Jan 2022 19:51:32 GMT
img-troca-gratis.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-troca-gratis.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
etag
"1415-5a68fd247ac80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5141
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:32 GMT
img-payment.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-payment.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
via
AX-CACHE-4.1:113
last-modified
Tue, 26 May 2020 16:45:22 GMT
server
Apache
age
0
etag
"155f-5a68fd247ac80"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5471
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:32 GMT
img-qrcode-app.png
ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/imagens01/pwa/assets/store/posthaus/img-qrcode-app.png
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
de57e553119f7333a752226c60c6c16c3fadadf332928aee6e4e2181642ae361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:32 GMT
via
AX-CACHE-4.1:113
last-modified
Wed, 25 Aug 2021 17:36:10 GMT
server
Apache
age
0
etag
"3dd2-5ca65afa07832"
vary
User-Agent
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
15826
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 19:51:32 GMT
0_0_100199837_1_1_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_1_880.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
cb2bbeec8eebaed8b14c525f1d293f824016b46c1df016710737a7dfc0711907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
0
etag
"f1cd-5cf7d697d67e6"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
61901
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:51:33 GMT
0_0_100199837_1_2_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_2_880.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
c54adb030fc52ff4e772349c8c177258999bf2e0b009de0f80ff347068d407a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
0
etag
"aa5d-5cf7d69817ec8"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
43613
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:51:33 GMT
0_0_100199837_1_5_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_5_880.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
a5b6a9785aafa7a787e2cb2703ccd7616d5410b1a7b4132dfc675d0651d14096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:31 GMT
server
Apache
age
0
servidor
Loghaus S-Cache-BNU-CDN01
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
27297
expires
Fri, 28 Jan 2022 07:51:33 GMT
0_0_100199837_1_6_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_6_880.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
ebc8684d747ecd45128ed71c873eb6b02b40e7345bf07a1a73f6ea1ce3c12a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:32 GMT
server
Apache
age
0
etag
"6107-5cf7d698a8366"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
24839
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:51:33 GMT
0_0_100199837_1_7_880.jpg
ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ph-cdn3.ecosweb.com.br/Web/posthaus/banner_JS/0_0_100199837_1_7_880.jpg
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.187.65 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
683dfc6fcf043d7cd24d613bb25f2ec8ff0e5a6363675fda883073bdd107ef72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
via
AX-CACHE-4.1:113
last-modified
Fri, 29 Oct 2021 13:00:32 GMT
server
Apache
age
0
etag
"5d02-5cf7d698de2b0"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
content-length
23810
servidor
Loghaus S-Cache-BNU-CDN02
expires
Fri, 28 Jan 2022 07:51:33 GMT
syncframe
gum.criteo.com/ Frame 5430 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=staging-dbr-pwa-posthaus.ecosweb.dev.br&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2192
date
Thu, 27 Jan 2022 19:51:32 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
/
www.google.com/pagead/1p-user-list/1048808556/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1048808556/?random=1643313092588&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3641216075&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1048808556/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1048808556/?random=1643313092588&cv=9&fst=1643310000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=event%3Dpage_view&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3641216075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946508691/?random=1643313092585&cv=9&fst=1643310000000&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3380142623&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946508691/?random=1643313092585&cv=9&fst=1643310000000&num=1&label=2nWGCJWn5AMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=3380142623&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1053199656/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1053199656/?random=1643313092589&cv=9&fst=1643310000000&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=1455680567&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1053199656/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1053199656/?random=1643313092589&cv=9&fst=1643310000000&num=1&label=6hwdCNz-kQMQqJqa9gM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&random=1455680567&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946508691/?random=1643313092587&cv=9&fst=1643310000000&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMKcJJKnhPaE6T6gkeYtYfv7zjzwrAM02MhND_N4290pODqx_C&random=3899356321&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946508691/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946508691/?random=1643313092587&cv=9&fst=1643310000000&num=1&label=8FpTCO3L7wMQk6eqwwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1o0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&tiba=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMKcJJKnhPaE6T6gkeYtYfv7zjzwrAM02MhND_N4290pODqx_C&random=3899356321&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 5430
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=ecosweb.dev.br&sn=ChromeSyncframe&so=0&topUrl=staging-dbr-pwa-posthaus.ecosweb.dev.br&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=qGL1MnxLaGJYLzh4ZE5mRlVDcTF2anIwR0REOGZKWis0K0lEOUdhVXZ3N3ZZSlJTZDl3L0ROd3FDTkpQdHNBVmlXczBac0czNEt1dHV2TTlpMjVNTU5UMStFUDBzblZBTDZNL2dINFhkQlFMSy9wQ05UeDd4NlBaVm84TE...
444 B
638 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qGL1MnxLaGJYLzh4ZE5mRlVDcTF2anIwR0REOGZKWis0K0lEOUdhVXZ3N3ZZSlJTZDl3L0ROd3FDTkpQdHNBVmlXczBac0czNEt1dHV2TTlpMjVNTU5UMStFUDBzblZBTDZNL2dINFhkQlFMSy9wQ05UeDd4NlBaVm84TEMvaUVXazJ3eDVjbmhTaWllNTlXS25Ga0czdW9zZFJWRUtTM1R6WUJDOWdabk5TSElQYk0rdlFGOUROL1RId1BONnNzemlZdE1XMUVaUE1LZzA0MUd0ZlNwcldoNnpQY3MxVmRtOWdBSXUxays2OVVmeUkwbXZKaDgxUEppMVdUZi8zNHpBcUthSEY4Qkp6WnV0OVE2cXdNUE1ZdTVrUT09fA&cppv=2
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d1dd0e6a6732a80f3978c1d516a88afbd6b3b44f105209a4e036a07439c4e7e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4114
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=qGL1MnxLaGJYLzh4ZE5mRlVDcTF2anIwR0REOGZKWis0K0lEOUdhVXZ3N3ZZSlJTZDl3L0ROd3FDTkpQdHNBVmlXczBac0czNEt1dHV2TTlpMjVNTU5UMStFUDBzblZBTDZNL2dINFhkQlFMSy9wQ05UeDd4NlBaVm84TEMvaUVXazJ3eDVjbmhTaWllNTlXS25Ga0czdW9zZFJWRUtTM1R6WUJDOWdabk5TSElQYk0rdlFGOUROL1RId1BONnNzemlZdE1XMUVaUE1LZzA0MUd0ZlNwcldoNnpQY3MxVmRtOWdBSXUxays2OVVmeUkwbXZKaDgxUEppMVdUZi8zNHpBcUthSEY4Qkp6WnV0OVE2cXdNUE1ZdTVrUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1678
content-length
541
expires
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbW...
  • https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbW...
7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbWZyT3F0dmZwJTJGUFlpOXh2bkRyRVVNVXBjVmMxTWx5c2l0ODJmUnVUJTJGUVZYNCUyQnhCY1lxaVJwWUFpbmwlMkJIT0t1Z0hUaTMwQSUyRjVXY3NzTiUyQnclMkJJeW9CSWw2ODJFRnd5cTNBY3dwNjBXUm9MNEY4cngwSmt4N3clM0QlM0Q&tld=ecosweb.dev.br&dtycbr=1833
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2f6b13b1c0d3fef19b11ab7de7c79150094d513e9f624516427837def27395e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
14835415
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:32 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://widget.us.criteo.com/event?a=4764&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbWZyT3F0dmZwJTJGUFlpOXh2bkRyRVVNVXBjVmMxTWx5c2l0ODJmUnVUJTJGUVZYNCUyQnhCY1lxaVJwWUFpbmwlMkJIT0t1Z0hUaTMwQSUyRjVXY3NzTiUyQnclMkJJeW9CSWw2ODJFRnd5cTNBY3dwNjBXUm9MNEY4cngwSmt4N3clM0QlM0Q&tld=ecosweb.dev.br&dtycbr=1833
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1883109
timing-allow-origin
*
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=staging-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=staging-dbr-pwa-posthaus.ecosweb.dev.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=645188121543134&correlator=1065440464625224&output=wbn&wbsu=aa720045-d8b3-4ca3-b34e-fb170cadca72&callback=googletag.wbn1&impl=fifs&eid=31063820%2C31063823%2C31063223%2C31060545%2C31063878&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220127&iu_parts=70779096%2Chomedesktop728x90%2Chomedesktop300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=728x90%2C250x250%7C300x250%2C250x250%7C300x250%2C250x250%7C300x250&cookie_enabled=1&bc=31&abxe=1&dt=1643313093553&lmt=1643313093&dlt=1643313087397&idt=4392&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C409%2C675%2C941&adys=1925%2C1937%2C1937%2C1937&adks=1387136263%2C676727686%2C676727687%2C676727684&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&vis=1&scr_x=0&scr_y=0&psz=1600x8%7C1600x16%7C1600x16%7C1600x16&msz=728x0%7C250x0%7C250x0%7C250x0&ga_vid=509527467.1643313091&ga_sid=1643313094&ga_hid=2002518891&ga_fc=true&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26852
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
application/webbundle
access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:aa720045-d8b3-4ca3-b34e-fb170cadca72
/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:aa720045-d8b3-4ca3-b34e-fb170cadca72
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20a8391f687707264330dcfd14a1873176ed091b67359347ebc3d9ac24b9f546
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:51:33 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a28b5f7e8821e57c2e9edfa510684a25a95503b1ab7647826b786a312ade06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8882
x-xss-protection
0
uuid:c6702770-9efb-ecad-2853-ecad9efbc670
/ Frame 6680 		19 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
661ef97c7583f3594bfd2b45dde7c3963e201000ed93abcde35ca4c0186197a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
/ Frame 3D63 		19 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a75db787fe2e0931fb103fabb0e91f90f6cb31186878fc5e5ae7470d2aadc0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
/ Frame 9418 		19 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a873d535434a6c7ad844ae74eb09ee80c749f1c8d5722dfe3c58c06c915b2b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
uuid:c670221e-9efb-ecad-2301-ecad9efbc670
/ Frame 3455 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e34ac9a85c13a6454c8ee992fdbe204175d50f002e3a9380ab8090d5161a886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
demconf.jpg
dpm.demdex.net/ Frame 5D1C
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo
Protocol
HTTP/1.1
Server
63.35.20.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-20-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-0eab81db2.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
OrQQOIksR6I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v027-0a1e7b08a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kRF2aFBYQkE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=IcPbQpmGOxtMCpJuFAOKNlXsytJOl3eo
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 5D1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1YZDBCeEZvcjFVeW8yYVQxNmh2bnNEeW55cm9DWXVvWVZlcE8yUQ
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
194730
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Criteo
crb.kargo.com/api/v1/dsync/ Frame 5D1C 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.249.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-249-36.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Krk-Reject-Reason
consent
Content-Length
43
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 5D1C
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.as...
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7932158940085761062
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7932158940085761062
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:33 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
10139401
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
36d77ac9-a4ac-4559-8ed1-0d9930735990
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7932158940085761062
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5D1C 		0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-8EMMS1or1Uyo2aT16hvnsDynyrrm0Z7Lt91B_g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Cache-Control
no-cache
X-TraceId
3ad440ce2b17bfaca235ef61c30859f5
Content-Length
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5D1C 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Z3LenVor1Uyo2aT16hvnsDynyrqY4fsdW0isIg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14030
tap.php
pixel.rubiconproject.com/ Frame 5D1C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0dbTRlor1Uyo2aT16hvnsDynyrqE9RUg0uRKUg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
match
ad.360yield.com/ul_cb/ Frame 5D1C
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-oEMrKFor1Uyo2aT16hvnsDynyrqi771EBOPFsQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-oEMrKFor1Uyo2aT16hvnsDynyrqi771EBOPFsQ
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-oEMrKFor1Uyo2aT16hvnsDynyrqi771EBOPFsQ
Protocol
H2
Server
34.247.120.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-120-79.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-oEMrKFor1Uyo2aT16hvnsDynyrqi771EBOPFsQ
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
ads.yahoo.com/cms/ Frame 5D1C 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame 5D1C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mwn2Flor1Uyo2aT16hvnsDynyrqdqPB49QY_TQ
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mwn2Flor1Uyo2aT16hvnsDynyrqdqPB49QY_TQ&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mwn2Flor1Uyo2aT16hvnsDynyrqdqPB49QY_TQ&verify=true
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mwn2Flor1Uyo2aT16hvnsDynyrqdqPB49QY_TQ&verify=true
date
Thu, 27 Jan 2022 19:51:34 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55945/ Frame 5D1C
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1&apid=UP87c58796-7faa-11ec-9a03-02aec6d80f0c
0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1&apid=UP87c58796-7faa-11ec-9a03-02aec6d80f0c
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-sWpBeVor1Uyo2aT16hvnsDynyrqdevWgc1AajQ&_origin=1&apid=UP87c58796-7faa-11ec-9a03-02aec6d80f0c
date
Thu, 27 Jan 2022 19:51:34 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
contextual.media.net/ Frame 5D1C 		45 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-IAIAt1or1Uyo2aT16hvnsDynyrq2dQsO9M9RWw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 27 Jan 2022 19:51:34 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 27 Jan 2022 19:51:34 GMT
/
s.ad.smaato.net/c/ Frame 5D1C 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-p3KqTFor1Uyo2aT16hvnsDynyro8x6Ay23uQ1Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
x4lVUZOSRq4RCPNQrrmVDkbKZX3P_by7AFe2b6YcOPPtOV3hFk_Rkw==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame 5D1C
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-U-pUU1or1Uyo2aT16hvnsDynyrrOB4i-qJoirQ&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U-pUU1or1Uyo2aT16hvnsDynyrrOB4i-qJoirQ&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U-pUU1or1Uyo2aT16hvnsDynyrrOB4i-qJoirQ&expires=30
Protocol
HTTP/1.1
Server
3.124.111.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-111-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-U-pUU1or1Uyo2aT16hvnsDynyrrOB4i-qJoirQ&expires=30
Date
Thu, 27 Jan 2022 19:51:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
rum
r.casalemedia.com/ Frame 5D1C
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Gi5_r1or1Uyo2aT16hvnsDynyrow20mvZhjT6Q
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Gi5_r1or1Uyo2aT16hvnsDynyrow20mvZhjT6Q&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Gi5_r1or1Uyo2aT16hvnsDynyrow20mvZhjT6Q&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:51:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Gi5_r1or1Uyo2aT16hvnsDynyrow20mvZhjT6Q&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Thu, 27 Jan 2022 19:51:34 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 5D1C 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10000569
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 27 Jan 2022 19:51:34 GMT
sd
us-u.openx.net/w/1.0/ Frame 5D1C 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072953&val=k-YAL--For1Uyo2aT16hvnsDynyrpPTjQQMZHM8g&c=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
partner.mediawallahscript.com/ Frame 5D1C
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&custom=&tag_format=img&tag_action=sync&custom=&cb=9f43533a-c8b5-4929-8b6f-2862c6e...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=9f43533a-c8b5-492...
0
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=9f43533a-c8b5-4929-8b6f-2862c6e619a6&final=true&reqid=87f10410-7faa-11ec-aa3b-692d76396350&timestamp=2022-01-27T19%3A51%3A34.353Z
Protocol
HTTP/1.1
Server
34.255.54.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-54-140.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Server
nginx/1.18.0
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
nginx/1.18.0
Vary
Accept, Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/?account_id=1043&partner_id=1048&uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=9f43533a-c8b5-4929-8b6f-2862c6e619a6&final=true&reqid=87f10410-7faa-11ec-aa3b-692d76396350&timestamp=2022-01-27T19%3A51%3A34.353Z
Cache-Control
private, no-cache, must-revalidate, no-store, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
294
Expires
Sat, 26 Jul 1997 05:00:00 GMT
362338.gif
idsync.rlcdn.com/ Frame 5D1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&ct=3&cv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
check
pixel.tapad.com/idsync/ex/receive/ Frame 5D1C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
t.gif
cw.addthis.com/ Frame 5D1C 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.184.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-184-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:34 GMT
pixelCt.tpmn
ad.tpmn.co.kr/ Frame 5D1C 		170 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-2AucO1or1Uyo2aT16hvnsDynyrp8Y5FtvWs5eQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
132.166.102.34.bc.googleusercontent.com
Software
/
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
vary
accept-encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
content-type
image/png;charset=utf-8
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync
tg.socdm.com/aux/ Frame 5D1C 		43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-k7hnNVor1Uyo2aT16hvnsDynyrruBbVs8nLjsw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.42 Shibuya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID
10
Date
Thu, 27 Jan 2022 19:51:35 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=k-k7hnNVor1Uyo2aT16hvnsDynyrruBbVs8nLjsw&proto=criteo","cluster_id":10,"gdpr":true,"ipv4":"0.0.0.0","key":"YfL3x8Co8X0AAB6ydMwAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40046"}
X-SO-Ads-Time
5
X-SO-Key
YfL3x8Co8X0AAB6ydMwAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40046
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
a-ad40046.dc2p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
185.213.155.162
sync
adgen.socdm.com/rtb/ Frame 5D1C 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.241.208.2 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-SO-Cluster-ID
50
Date
Thu, 27 Jan 2022 19:51:35 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?dspid=23&proto=adgen","cluster_id":50,"gdpr":true,"ipv4":"0.0.0.0","key":"YfL3x8Co5rsAAC8nBZ4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad116"}
X-SO-Ads-Time
3
X-SO-Key
YfL3x8Co5rsAAC8nBZ4AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad116
P3P
CP="See also http://www.scaleout.jp/privacy/"
Cache-Control
private
X-SO-HostName
m-ad116.dc4p.scaleout.jp
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-SO-LB-Hostname
a-ng40007.dc2p.scaleout.jp
X-SO-IP
185.213.155.162
Pug
simage2.pubmatic.com/AdServer/ Frame 5D1C 		42 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JNFpnlor1Uyo2aT16hvnsDynyrp0rDe_uZl-7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:33 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug006:0:274
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
cs.adingo.jp/sync/ Frame 5D1C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-I-gDTVor1Uyo2aT16hvnsDynyrrdGfcgZuaGsw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.179.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-179-39.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
server
awselb/2.0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2002518891&t=timing&_s=2&dl=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Posthaus%20-%20Roupas%20femininas%2C%20plus%20size%2C%20infantil%20e%20mais!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=9343&pdt=421&dns=511&rrt=0&srt=1608&tcp=625&dit=6390&clt=6390&_gst=6322&_gbt=6616&_cst=6325&_cbt=6689&_u=aGBAAEITQAAAAC~&jid=&gjid=&cid=509527467.1643313091&tid=UA-46607966-3&_gid=1594865279.1643313091&z=981995428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 20:30:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84063
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6680 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DREVcK2z3XPrKPYltB6oS1It4a-PaTVDbNpnCBBHo8YTwFSZW1zsIqkn_5KfXMBSXoTHPq4Ee0BP0JLY-0pd1AkDJhEEOYe-gz85kSuQ9-2zRjvyE
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6680 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:35:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6680 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0e::9d Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6680 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:38:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D63 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJK6SC7BXmeiYOng9C3aRphbGruDJEX7yIrXWzOO_22L5vrX9u-jO2kWd8qc89dM5NZo0IfFoMyZnAIjdFPlppXR6TbvifZgOdClMwmD1yonLJVas
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3D63 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:35:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D63 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0e::9d Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3D63 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:38:53 GMT
l
www.google.com/ads/measurement/ Frame 3D63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShmnt1JZWwRQo-mF9c3COiqwyiRtwtMDpywXkCHJe3TToULCf3IgWJVOoLmnmOIWcvP-GfIYlGhpHJDblJ_tTMXbg-nA
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9418 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTzmldvIZHlBlQ6hV1Lb6saVppeLurZgcrUZlwUq_wPjWNerOGBoTQqCOQUn6xKSyezba8yOq4AjPt5Vp4mHUK-6_yb0f-xq9vH0N3JcBRrJP9Lko
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9418 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:35:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9418 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0e::9d Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9418 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:38:53 GMT
l
www.google.com/ads/measurement/ Frame 9418 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1HDqnWH6KJP_3FgMWQOWM-bNWwtwxphX4NVSCizag65x6WR3jdMvKhatYs36qEYOAnzmFJaSzey4LCn768RPLeFRyWQ
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3455 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrzPZk7iLr7rpGdjcYQRrfc7KX2o9rFpl8iM_ab9MPAWzCLr5quSBWoJGO7cxQVItbPtdYhFA8p0UtY-WyVikutBFj3WF42jyB20O1Qt1i4AT05xY
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3455 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:35:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3455 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c0e::9d Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3455 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:38:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1883 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNW8dkd2YqQ81GxRdVuc2azotLhaSnjWoSUaCoy56WhArtI9CtGxr33ZZLXJ-Jh4iMjFUgPxtjKVq9aZITG0eYwgLy7BCxqPOyU-VXqGrauI5IG6NhSMhhfCz3nduHHNjFv4V3ZUpefo_UjqrH9oPVYGLsbp-YEerv3A2nHEuUXxjLCa-D8
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 6680 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVuDW8O0XO0-Brpjlyk-7f-1EzWH9JAFTmegrTD2cMVw3kmTSI8WjsUgGpeXdS9JSDgNT6RKPQVKv5dg-Df0HpRB-MNXpYwVHhiiSMyuqOXJ8K4B6-f5eyk3IW21Tk7atMR9XJhvaspRoLE8FA7g0EGYvyXw&cry=1&dbm_d=AKAmf-BRmtfLhmU8oahwSw7Ip8GCQMlEHMptSAvRJ4ejzx9T_-tGgmCgXuxzErjF-wstoHcw-cMg71h8Ad3eSomjgnsbloP6hM-SG6jdcuUmtWYuXKB1QcOTRpQs-nJoRowMIYFTxggMkHvrnoLUeWwH-pO4tBNfJeSXgptHPerlFrFG1-GeRARxTRad43Bkg9_azGztVuYff1n-LgGJLhjFwtr3k-lPaIR7cVqUidmXLzQJe6MBsIXU-kQIOM2pCokN3CI20KSDtGca4EHdgYaXXFBvQcOMQ2Hx4YEwq_3L-HcC_tL0gK2_8na6cUF6stYDi1eXvgF0dy0GeD-aJwfo-UaC47-PkmpWy3sGQNmOwFLCHjjEDCwW4AEroAoTYsJrVRLXRA0h94RLYgry-qsSB3GLGciGr3lDdTqO9ZiFP-L4RQoZlN3R5ZOOZW7dqe_OdCTyKFu3dQ9MOCV-rfTGs9g_8x19B9AwPOzoR306omWVtKud5zTKdtjdrVj_7dLgmulqkPI7GpfeUzebMR6Xs51ftCL4kSQ6fHxcsZdUQwNqjXsLaT9m639vfUzMqJ6X7TIbYQGdjlSQFeCrxd1ZQucIdoVMxR4-M88jgxuM0g_eVFDXF0pWwa4X6WvQbA3LU38Od5i45sWKA-sauDcKjMiXtEyiHQqWDbEvgY3UzAkqDFKKw0psGHbkrK-OajAfN5oVWztXNh1eJzxz4WiKNXpqy5QTWR63U8CuueFtYkVp-TFJsFjmJ2YBsb-38t-wUEkrTmInBqtkeW9BHJq2eBfOlt0rNsRMYQTCRAj51-n9flA1-M3KMEa1EQ6wNWmqWv4EAXlIXoChEZZtWCB_VAIv0O5YnVZJxJUHPlu3e2eMh2B3CIxvlWk6vCvaqn1QTyYcIsbTsOK8_Y8hq_VzaecDdYMAnY-IDReQ0I2M3V6baPARrNnbBQYW3IkJDpUeA10VQWUtMG2DU9kXHdGQN9id3ZeedDSVb8Vbl8V0u8Z3gMc1dRJ7eYGtofSBFr392jHJDNWkS41ebumm1hYnziXO8rDxUu0x7Tv3sPhJlWdR5GzNwUShU-kyHXSVoeubxTT3-RAyvKG-sioOVt4osa2YDrUOIQoOKdumEaBXUdNSVwp2Nn85VZaxkRySObMrfGOL4XHdVxMPHb0pmGSKLb6GnYz7Nb5iP8PPkdnd6cGJJTzSHHCvU5robnuanyIRVMmVOLTpf6AY6tGFrYrsoyuTUbDSLMuvBzWYyoqBpeU0z-L1djZHhRjHUvSn7WcmpraYuET38aqfIkkkJg6G1TsSBUonUNdiYXRomxjGwwrApJoxbZkoZJMUuSS7LZC_Z7JjLx3JY7X5WRwilPbDI5zmaPW3hNWA3Z_SjwpGiMGN-Vh3gFdA5KZ7YRnvC2_OTNw6DpXA0t_UBeqtXkTNUHH9G6-v96mYr3AgYOGuH23rIoGLjg-hCGpoAxIdhZTePK3a3f-f6uMOVG-Y597AQ1xFPgAqTO13Y0yGC47hoBUob-m8vy8WxvRY_kCkPmD7KmCzuN5QI-MS_Yu0tR3jZYag4pLghqIb_88XXCa_Ztek0pFaHYW3ZW9xCX361ucFVRkfFDccWQGrP5cWteEjFcv8vbuKt1RhcT8vzXQJ6tDFZ1vs95_Y-ZDlI0tAc-BFSvP0hAaojK7kXgHo8ratogbzOF6W6xqegGKRSitLAqIbyDRNWhn7_tP-gEVCfsbaN9Z4DorxGe-6sSzhEvhdvbqC4fI0KV7bSG0X51BmwTMedZZRz7uCBAGUUjMNSrlzE9M8DO8s-uTKLLojktGUrUxrZCvNUi4GAJmrWtR7sCX1dT4msxqGcg0Dd0yBYHsa6p_qn7BW9KcPGgbl3MKkvClb2CofXWxqqSBtVm0Bt7NAxdVlguDDSXWgTUsGk7S2ICP022DKvgn11x5iex6txtCoEqnS47WWoqKcmxJZWiJqw8qXXX0eGdIOYf6AdyS67QeX8CDwG482pIL-GB4uw3ZyxR88T7H5kRAHERFLMG4BGt3nbofX3dewgttJNxg681xFq-N8yxH0SAZKBktA_hQyehDzRATrfuTZs7L8GTpimoucVDPgUtWHJHFiGs3V0McLTP7E6boRykciHsE0h6Dezt3XLdx69woEDklkXp9WK-AF0qGlIWLk1wmlddG5Nvo4BuunSiv6NgxOEs6Kq1zOphERdYzJdrsNa07XEGymMk1EW566eHxqZSgVrjxDTfwL6dXSMdUXE9enRvaZwI5EOV-eEYk4bxQ6c6C6Ypij1vpih6spEJCpEc1dLkHN2GyDMSv2lW8WKezosuQACbzc5OBAFNEWUf8osD61lgcqs5b6havwPt9HxzK5d9zOqu2vjh6Uq2_2RiR0OstPSxXb4xZyEZZ7QYbKZKDMcyWqSpGP9QhaXVe5LMb97aqGkLMPnX2tqRhyUI4Nmg29pQWMeznewpwXvjc-XYtRAIolNDoA4I3hSrjz6rpJNccI8rp-6nQhO1WnV1L35J2XK_BC4NXe3fzFjxlVFZgHohCVJHMLTr_xEsB8qqrnSzzv2J-uwsIZ80G2ITPf2y5j7tS1GyOqCg7kJHJ75McKRusv5qvN7989iGN3RGeX-ikFoZVxC8sOfCT3NDPXRysUBWsIpxvdk_Qt5rO_liGrgwXQ-633YvQZlTuqSbvcChP2n8Y-_fKSrliDcM-UkPJfrNfJSSPFVlbM16ci8MDoaLcCiPRwI2cL8SsjCmCtp8gfS9uUr_iwL6VKIpJWAQJAVp6EoJjuLyJFrogcp4rz-d7sibwqCEnWovbFt9G7YV489F4dUD_6hAVowM88Yw-C5s9U123qGqT_WCZiWxsBQc8mrlyzWQUzdq6tDS2Km3VFYWxUkbiyh5p0BPzBe7I11vLGijKLi6RkDD_y2tGk2gPPD5lmjm_We2GJP7LbDvR_57m16hFzFx6Wl01MQjFRbVb1x-eOPTlX4Ls-Hrc5hEvOGJcwYAd5pTn7EWl53RbtS4UQBSiwGZvoJyCov3SE6545lUDUQqtWN96N_90YPrzoKWwZmYw3q-41LKkXEDIwSJpMtWjna-eWF7Xuv234UU1nnyysbqrMAyqjs5bYvscI1WspPRYTx7XKmU0k_SIBDOKhyF5SafkpbkX9XOdCtMrgpEx8zp2htTS8WeR1-ijQMNY4FqUEc9E0vJ8ZZZSr6jhdxzEwbWfGClydU0rlt_tZMPJioTGDdWKDGHM03wRzf2OidRdjf28sHhOJ81CmGgFp6Ddb&cid=CAASEuRoq64RgJ6uwPjJADwzqHCm4g&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac6702770-9efb-ecad-2853-ecad9efbc670%240
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89f11275ff9412091af4c4d1bf259628a23068f110414e343f61f4f0a8b1f8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14584
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F536 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV0mVND8Eu1S6OlcVc1u-P4FAiC6-YgaSwRt34Mzc6uvGv_Vo-XVkKUt_TceXSCTebvK7o5w9I8NgrG2KnT4vgDzZJbUXZunpUJ8MiXmU875Qaiwla1RB9wBSeUyYwS8toHq0gLdIljtVP29dl_n7K7V29RvcXjhv49Yih7vUDd3sJhFEo
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:34 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3D63 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjvK2Wn-F7zT1M6k9-t9t8Kiw1wStBVegz-nWw155s5yoa8Uma0XW73TXa8BlskQXZDktvPffmCN8hu8uZ1S0kXDBEZb4AmKHx4SE_unCMPWZ8ny7GwmIGN7nQ-U0C2o5pyJ6U5vcdADh5WkMYfxISN3TB8A&cry=1&dbm_d=AKAmf-A7W39jKZv2HoJhEb9ivVOLq5hru0Ldgl10KIqvyiCQ2uAz-e8vW-L0PjfzNzEoJqEIMsXI2hVAGvbvtUu6fhLGKfuzCC1KFGUA1ZEIkSflAfVV_3Gg6upJ1UJsjkDAD6B3YJEEWR6uppOhHzp_ckj9XPnc-Ka5KCk9KcwJYHCBG6AXkeoz_iTJ1c_ylOC2jdmcIV13KZALqMxMROfqlNNrM0Q4Rd6mKGzQoIzQ2GbDheM05yRtEdvF2f4EPqJiENycRpeftk-yBd4xMtfZWCs1cTr-68uameBbDJUeMfanzAej_QHrmT3cixwHBMABTHYNGh0YNtIlxfEjGGjJf0POserOKHsMbn80y_sLsydGzc4M05AHGh3t250PencLiS8X6ojXv3DOsO_yMHDpwneKiNcIYcYKsgCGZCFLefnzT4nT7YG8mEFr2peGkdv3SuJJYFY5rx7kagqL9fgKVdJr1U3Xk0ymThQxbN8xd8OoTwUuaVJstag9f1Sran0CArkymUG0ZVSD1eeB7JxO8KNJ60-m7giS6SkL1rDuMYCZVAQAna778dBJiJA32YyR6v5eaX_z7ZUDudnhJIkSriCpmUmptMsFLwX9ik-s4qGfDSeKr4umeFWJ8o2sB2Ica6gBHCEt9X6JhFT625SXFBsc5Nhp0mYBEetGEk5ONtx1DaH_s4a6v1XhkIziD85oARJOpoZ8s7x7e5PuqtvPrY_Ayjb82TVjqxM9PNnCxnCC6vXu1oaQ0ruYvgXa-rDMf3ma831U5NXsYF9zg7XT76j41PFH7kHSCIEbaQCIWJW7Y9MgFBZ-ga5v5ID-mdJkBOrKLEB3wRaAuL4OxaUvZ3iFMwPjy-XnjxDRtCPqGKaGOigPQHf5y6vfuGiVrraRNXzOvoFwhHGK4qzkoQ3g-l3EblgCWhQnbT_mQEhTvwBaZKDDtIlzcxhPJcQHSjlSUMM8X761NTo21aLEmySFAlhS-KGedvTS-BNQxL9mF5zigUiEBMI7Yi7fVq7Jz2qseSU3jdTgRAzm3DIbUSagu3wb-6_ARIRwKXIkLZJ4KSrNAutTERXI67q98VjEMZVWxfzHX1eAvxIcFD7cPHkLD5fapcDlgiZbWcGXD2BZ0WkH4mE8mw5HLfIwhUqqR08wTFea0RkVqdYd4XDFT9NcnG2qWkkqN6tc5QToC7YaKLDTnTARnmoX4YJz4TBI5PCIFDoAYgF5FaHlld6W_Z808BoTOmzMAyuwOmwJ-mk_fz9zKUAnzGwaGiAknHh9w4w4uITS29FhKiqJ6J1BluV_9UXOOCDsNpjxb7fIEJ8edII-fPOoJGwLPs-WId7ttF6HkzTFLd7O5Am_XEaiHpC4ptGyA4S-7psywHZqv57QUU1qrSmJGlGq2Dd93cxqVg2SxUGHZRAnbiE85rFFGDPtdEuBjSUGqlm8Ef4zmOduR_9hei1mFZJ1wmJ_QxSsYbtl_3sIW52wo2EI6nFqGRFoZKfG5jJq8oezLe4uAqJtnSgSCRg5Zfpx5LCU5HtZqPIGwbmKu0X6y-rF40ZCy8fe-xKnYShlVZnS2SaKYv89bUpKPriatP7evnOonK6ZCtWqAmaZebRw4UPRIMrwsg8iIjwfV-o4Og_3L0c9rBbx9bDkO_T36nq66mtu7hdQsYsIWNEW74j3fh8GBFMscrxIzzMO4ZZNy9aahoBVTsI_BkcvSKi1Ry4aqI1Y16QDXSw7TnSNXWI0v8oWdpMyrAi_3QkrKNqkZn_50ajb0GO2U4P-0yHQLtCXs8F9OuG77Xgx14YQfMBUWSIcCuv0l44Y---9NuX2EGuFJCGD1m0FfVpzCd5P3-9PImUBxdmMZW0cNNARsIiC63O30rMOn6gsJjftExdWiPGHRrt8KhMgXGIHdR71xe06aDz82a2we8eR9Weh7jw8Dy2pvULRWf_V4gO05SnfQ5TE8McfiWTt28YlfZGVS42-aM4-ddkeAuQcTd3THJYVzzdDNuIngiIXe1Q9weVYau9UlvvaR-iUgxJXOvZzvn7c9i6ejHDYdVohkhiwSSIyYBPFkkXsUWOXzg125ibWjyeyBgPtd57hgsRk3YEA6d2ZSLoYKzP-SbITeGkNHUTRyjFPhnCX7N3AJkZiR3hb-U2eIDZKDJ2dBZGDZhbBzbcPKPoDWO-IrIfRAflCGu_pwxvu57P2lz8YVYrzdvbhayWEaTKde73fyOtz4xXLJnVsPa6fnFMHsgBhMdQDG7HnTqVM2F0sNEbVie_5izP5ci_NFaD6dXyEiYqJBcg_mF_9WhB8xp4Qzu2LoV9CC2C_6bPkE4rW3mHf4DnChTwA0VTfaJlO_YIYvvQFuUjm4Gq629ZeHbnL53EAwcC6cBJGYzml0GxLzDzsg5uX_7L6CPVDsjl32HNwn-GLk3GEqXE7f4ZOqHeMYjJhunR3ykQ3_MvCiVL5U0_vS7gkmHe4l-Pfgz_FiXkXRHaVqIn_nnJeOJWQnUTK12lR-Ha6-PeLT-Gkx2Y6JYDyz3ddE0rI34FP0akUK47j8ZgZchtCgHyMS2DnYxnwY35pFdef8ZeB5Fi6GwrzHNxX5CTPYvatyZGPGNW1JaA-vWxrJLKI_tIY5n8LAgn3J1m29y1n6vcyfHTSyjhVyRaqspcG5HxwdCkmXwwhtpc7pojUB_jVAGoaLSCi_YMkLLz-zYRE9MIckMsptGDqYkf5WmdQASm2dQT3Y0j7YZri20j2FpbENMTMMaz_slFZteZ2QKZ-lo3X-0d0rlS1qVWzpD9hjHSpHvxak7BG7Ns1OROYS6mjxAtfgsfnxwbwm7e_uLp7agLyMWDqyLTv5I8tkrU7tu0jghibq6yPHy2PXwVqasYtE6F2hvFYF8pvJdL5NtU1MvKxh0hwkYeXD_h_EuHWODkbCX30HLbCuSkYGrkItafJXZOn4GAurs2Q10ucTErStdcmXOoXzNc38-4ZVYKUkiIbfkyGeiTjKHB6biVEUpGyPe_pRik7NB_8tUrK4fR8AKiBtGGeWtA3DT59Fror3LyyNE-oX_DXRvEkpqIUU-n2PlSxFSH5FSZEDIt4RtJCoI7q1P8DmTXLbK1g7SHRGj-NkMrF8SprnOHQEPReDyPoA1NRDIbhls2gUNBXouSysyTV80SmFSodhaKwjQ-wajIeaZe8tDGqUS2-2SyvV5E6X-PCQZ-eSVRRaexMz-swZlKMzAjeY_VDHMQshdLcGYCVJmSDk99KKUgp69iys-bxVJzP3YsjhU7yWVjca2rG3o-IsKUWxoMYWl4HZ59nHzBPtcuDUKCUIev6iYFgIuwFUuA&cid=CAASEuRoB4_PoWckOYWtdrwIe2LBIA&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac67023e4-9efb-ecad-24c7-ecad9efbc670%240
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca58a9825ad59de67df88a60b6bd38fddbfbf13d0ec427e06817463a25683ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14732
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2A2B 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVm7Y7Xl6Jh4BUp9a9jMiwlkwW5PfJT-VOmfbuRlvMrNnGRPcoSTP7bUvLiwNLx2QPDG64nu1bpQyUHR5E4qTliMkTdJYPJ3rpDB0GwY0J1Hd43NupN20I1w-BlV3jq_TKEneQhf6KuJZeweiuSHf8lfEZm6qKbZSyPDaKBF7nOQI5HpNw
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:34 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9418 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACzCqbTutwd5edVbN29Oy4hYfNvetKm1zb1Ez268r_wHhiCi50JzXPlEtH-X2_PfxH0rtpqWHm0xku7R4b9PggK8e1vjaRwO3V3BQhnZMlVzn0HVqQcg7sAc65gIEx_O0K590sQOvRi_8W2Vc7pe9V7STgBw&cry=1&dbm_d=AKAmf-BwbKCM9yp88BxMWpSQ-3h06giE_5zEjK4pBjpr_R2cAynT6HomzOc9m7gOKB6QAXplc1KbCymAKjYSQ0MGUobKmYLG5963nSrNQNW3MfOY8BNfvn3Cx61-k4cBWSy3lLquXEN_47VqqL1aCevGsdUCjim5Y8UO4UITSUTWwjHeeXKTZYSnUkMw8n2Jvr4q7oLitDLd0yCcTpBjBEMzwpviessrLSfO-3eleOV3_8jRqyFeyOomCnoOlD4asu8PuZuMPzkJQlTWp_yUBW6s-w5Hfm77MLVL6_i2U4aDVgQ3Ku_jw4x5z4ok58w5aAn-XyAggotXCo5phmJjUqYFymCWCvTj11aLEnemeuHaOEplSZ-zsNx-_2lLX3I5krYBywfsaD_INYzU0w0xH-z6K0XdsOBKauoSE3u8TnWeXtGyYPiEa8rmMd1KAez3rSuyBZZ0qsEhxLA9kJtxPBbzMfjuXRqC5fgiF1LVOIWpa0-iKs65y6g3AdKo856Ktfj0_7FxPAxWL6mc99bO-rB97HNfeJyt7ushsmfZEdHFNqq6TVw5ou49XvyenGGAtJDo0NiYnk3PPRY_o-LxjI2_Ym0zzDIsIm_B9864qqDb01cst5oZCaWzv5Qf_pB_kRF4fadv0nRmbTNF2nTd621fwam1BjjnC-nBljLPb3dvXpdZI6CA9XFg-Qz3QxuRRTDUg-PQv3ZIJBVEDrTmBX58tophJ_CIlCTjFdefhW3jhCBAGMLFzrXJUiRf24wkmHDssF9UcdLqjG4SI41cUF-MeaIfB1Tp2Lzax2eBY5_agO_i6CSKyDfW6FjzM9SvpGGR7rjWBwlS_7KnuHXnxM4jaC1KdBhi05YuebprZMTvf3cQI_smbBSWmqDy63rB5m63-AyiVaD5djg78EWokwRkSCuPfU9ICwZAlPd6FFgeARgs8FaPUH4ypz3-wEym8QcYgPjgE8de3RdlLZ4Wqe50yLQZa0Sq06CUgTJA11w_rHeymHieR9D8VCJUL9Zrg24X-ggGtg-F70g0OU1XiZMJwfxFU1kLX54_WCGDaPhN8Eql0YtKkB_lLnDQKV4Aj5Mwxe0Uol9v0U0wye7sPLSLhXFEeCVBt6hdf7tbqbIeG4vqRMNvqjquNj0BNFqtUnB9BUlCfPws4f-PsNQyAJhx8F6dY8K0tE3GtcpaluWIc5V1GVgIJZJ_PG3Iy1VW__nX9MeranHmJ4ovcAs1QpTCjv7KRuGoI4Q0vmKS3PbfnktVh46vkKLVRVpMwHhU-3n9Iu4xMDVmnQ_x9x-VVqs41pE9GmGD34B6tTou7pmNiLWDwmfIPvIR--bOE5ewmu0ekNh47B_HcOJzdLEkOTj_ly7svlx6LBiZK5CeLpdq_hBJWSmCmXyfQ73PGX22jeyCax5teqMt3MVM7ZT-IuZQv-rh0NuY-AxXDXmok3-MlpmRUoiFmP8w0DNMW2BXloGv-gPNGz08jwm9WXdFZU6Ze6PafcXSCUzKk3VoO4OPLf1QnTtBN3Xa6dJ8tM-A3KArz_OA7kIS1netgIXIoN5p0gsHOSu55QFd4i82rZti3QbDDzVRRk80eAmCeRF3JEX9m0rzb8D6WUkRhYgkzuKwBWJDGdrxVLe6qYxDo35xYDPRWYNTbc1irr-cjGXV8OHX2ZEl2sjG0GkbLbi2IkqJ2LU_YYRZ_Qd1OPmJjnSU7A11rrlk6k_oY_DOc3SnhDlNlM-gvYxDM6tOLCvx7WyBo9s4weMYPe5VbAqsFlC1pN514onrC_HBuIOV9YalLvL-TrJAaYT_L8B2UCJPd0y9VFvUx2MMUIg61RYWYeWSjLLxrU2R5JgLj3EP9e6DzM7ppSgVX7kCWZ6yaJ7Mm_ISeHFacHf0RG-FXVNFTjEQpX_XydAQRUVDpFWv0ISDddu2Sk4bAScBszlC9mPF1DPYlUX0EfFMXoLFHvGsecfK4oWnI3q_rds9Kj504GtFh2Jugil7nXN-dNPjvSqPjEaOqiMmMmFJjZUs-SKXm_DROyCemQDkYFliGgmS6bzZR3zxj-0AcH5JPvx4fsTYH5NnObNq9_-74o2xk0UyRh3XbcJ-hEt65l5p8GwfurRSLlW_dDkN-A0BdQrWj7wmZ93LWJVFpd98J6cO03chHdakyhOfOYiytPwqFNqvY-uP3BR7X3ovzr6gyNtfF1uChCU1pex_HC4tIfh8VNq4hSAyGvKxArTk0uSTm_3in9MVaWjMOQGwTIdjT_vYYW9xn5XoWENhGJNKV2X1PoQz4y01ywmq2BC83PebHwKD6ddx69QikeO8axBOFr83g0OjI5HeQhn5_FTQRcz4sIZ4T390yQjCiX0mSQ0x3UOWEEDoZntEEfUiRXhyXi9woTHB9HiE2LZvBUF7Do8pHre0eFhyacVxBBux8dsY-b-q5dbcg92MJqhcZF5dt4nEbVGgU-USf6WOsKBH6vevDh_qS6f0qrl4IE8ZwukdQnvRTY8fIEl_0CiPKuog3MlKTStp4iYNdiZUf42BllLhFS1G0lfFs9_0q6jmJ9Hm1bVscS1U8K8bQL3hKRl8AOpJnnvvShbU8q-1ZmQ2dyArNwodeh8R_kB7zchmTWitzLsRrvVmexTMHeZ_yP4D_zTst1SgtAkf68umne_FPuNXSSAjVa4ZJuM_zQ3KDtqD51S0Z3qt5q1Pem4NZPkgffTn_H9Id4Q0woGR6PwlTmcsdHklfTgtKb0r-Mnf-JQC3ZJiIuWpXJwoTA3ZcM0DqldGP-U_2BRsl5SOs93lx85qbQ9rpoqeHTI3G7gIEkluZi2-o7NLABLXWFTX-TzqZzosyFJV86GMROSHUzG2bF-xd2qeErNG8DoGHbTuyj-7rLWi4mG2TswsuvQJdDtH3AgDijke-o8yd_nGtDvTpPNFOW3Ohx7690HUyqXCMmvKe0TwxGHX3EDD5S6yyUZCaf-tIkkgoZbbUmhTVK2Z5ph32-rLOVNgu1Wusd8K8yBfPxOfVG1Q6ZUIxDl7AsNtDqZs3XpVfM6AO-qDFVJe-nUbUuLnGcv_7_MJ_8UI3AGRUmXuEjzWo_EnV0dP0_6KwfctQF_etX3p8X7w2DHF3N5rmwsfUdMcoACJYklMsSNi83DZL3jfDois0ryzUOFhNEQ1TYTyaig7eJE6MbjqUFnM3VWOLMCacqPJ46n9ARGOEi26dTPZToAVjihIXfMXkKqhinR0hUf48WvQ6aTDoSowPohWFYFcnWJa8nPqZHEoz67cEUqpYE3NdM7YJftT1j4lN4GiYkRFKlN5CwJ1EXs-MI2AsmF_vqeuom0HV_0&cid=CAASEuRoFx8OlyEdCBDBYQEXH1cOag&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac67025aa-9efb-ecad-268d-ecad9efbc670%240
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a130362454aa6b5168cbce1db18c34d64d7ba4797b97d202ff398ca0177164e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14449
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A97 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUqr9aQdvgrkAIUiZQJRJNGrhGq49KofNiKMHPJNTJSCUTJn2PoahpWBmU8fiAgj0RmDGRQjfewvhk5UrZeo9CYI9O5gH4zwwlUSG0FeIH25Jd0rvN93fbO0TalRa9AlfqeejskURqXaevwVMCZR9EpY_nlPr3uBpuCNq9N9AGcj1M5SEM
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Jan 2022 19:51:34 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3455 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DB3zB0CDza2PkHdv8L5LFvYQDs16MPqPaGZUX8d8Pd30dNqWvBksfqsmr5TlvjUrad9AGLWme5tE-YtLcpkT7CPMUfJ7NAqxXdcUIB817ZpLT87_gTXRFiB_tw0TGlup6LHEtZqhmp9bovpDWiRkVP_yiPbg&cry=1&dbm_d=AKAmf-AIzDSLxPMKZinIk4N2xfVidEFX0GrGu7RfsH-5F8g3Dk3qCVQMqui4WlR3zmMb77AkGyEsZ_QW6zseBVZQKR2AN-TH91eJ6A5ZfOkBEa6BcrpyzFpWrB6qFoPQ8BNaZuPghVJ6e3lyLmaWFnKvJpXDGWDNYwzdgigiO8dujAGePjFYgOVg2E3gJi4Xnsu07Ysl7LAlXMuEJCpNnDtQ9pAsNqO9E97QpkbjwAI7GfvEu41v_9xn7Yy7opQ1AH_1269EoNkNBF-N5ayWf_Q8e0gXiyVUNdKOyAR7YjFhhrGMc4hNB5Qo7MFnH_r1llk97pUGplbZlsJWZ9LL-ejBialqTFTXsBfmGAkZIfWXTUDjXHJ6sCmE5YbMNd_umosi_h6OpgHIkQM66LNO9858OuqsSxnla4gVVzTtPtT1TQn0eONB5m69Rce154aeMqbCDHgS5zH1vRmpHDBvDrAWYY_rM7dl9DXaz2wCNTdjbmobrrxoSBUK_CnQlaI65BCJJpue4ngZM3XpO72pMYK1YL3rdxTkTNITrus75LITWSJn9BGzjMWpVV7ignNuW_t7CgeJA232faO2OrvnRv765J-wduGD5qreVr8EgUMhFJ3Zl38zqH2Skn94g5lWh5IQc9UzfF8SLS6cODOcauRUnfhNSdLMNyEN_2dgL9KLzaAcldIrdZcANrTEsyqwC6Dqx4E6qMc4FlHaakhwZAnjRbpa4pW4m119xqUZvGVYhZLnNC7dG8E5hwjCgAg-jHzcEZApGdBJxoC2bDSJnhfWEnbF6TNmPKjux6Pt7za0dft6WDwZg1hr36bCDih5MgFEMBeVKM1EtELi_qwYNRe_1vfO0rCXuUCAQ6A1ttKd-DSY5N6Amlc7RLep4vgpO3L3NaIqGR_uFhO6yUouMvqbyb7VDR4MId2SuxgWAmPQFX2J24v-emhwkGbG-aDiOzKrWdA9cwmjUqu15S4Ik4buXaSX0UJ6M9NOpVqJ7DY2-PkpQ3kY_oZB00j5qmBF6-gNA29R-mgOLHx4cCuPyxEJsBxQ7LWCHX_Vok5xkOsaCeW0NiYxilvBSSwjSHEH6-bHfhyEb5LutxQGl1KczNuqu1kcPmLmT9V00OkcRY4d-YCr0rwafv_33FV1ihN5RjxdKeKCDtWp1HMQPxHvU1oTysI6RMDMYQ74qp2doICsYyLcn_-Ci08iycEE6vLbm-gIZdBQjriPZ9hQe3-VRHpXtstWJiqy3_qgyFwXuN9snY3FN0nl11huSQvDYtR09xAcc5p4nNimND7eG14SIAAoBm1g4yM15Z86gm7DA6YyDM3dzh55uRQL3NQTj8zDDfFabR4iRvedpChRxAW-GxE-e6II7qwdKlmH9aIhiYPb6SjB2g8mL_D6Ea7TxPDFzZbeWeyOIX-7mIUDObooTTFUBxbBM9ZBdrRGf5eZod02cxFfklZN7jmNxb1NZV0-Ss2u6BNRzENKgdBPqn_NyhUIyPBhZyAi-4EM4xy_4TkKpkKXps8TtlXFn1TF9k3maO3J77hXtFhrt92x3x4s4qK9H3I8rqG0K1a8dqchsAaz3xFkGvZTBC8shHwGj8t9ClJEMUsm55GbFSNy6tzZ1v0rnyjq-dQWoNe4qS3zk0_bj3bq4nJmnikVwLYF5CfDp5pqox-H-RYD-gjpqOHl29AY_1kDLmofIpG00pTlTydJ-WUGfkCwqLXmkwT8T2s9Rsuvp5dL45WAjQqKjvgUOlOstiu32Byoa8dhTgdkiAB5ijktF_0KAdFI18FgqOvh4OF-V5OpI_IMYb4V537hIoewaAsYRPhINIQ_ma6BV4ct5_XslrOb6j1GHF5vWjw8kZMdeBRoWHjM91RQhZXJhKs1G26NqFpS_fX6XGENIxFA8wWrR1jnPwVhWipcXuwT1QUbDsN-SdS6c8Yz7HSnu6lYIJNDpgGz0cg232O2reSe8G1blPvEwVR6oueP4me9b4hWYQffMtZHQ4wWXmBUdEXm6Kn1C02jbU-TgbnM1-DWhg_0bfyF9v5H_JeHLuEqUGwjPrWxdGknY7wFmhQlIhKdLNRp7Cr5CbE-tGCHuhLJQFoGH4sgFonVL9JINIlcgHPyphNS9syyx1ia8Fy8g_QdK8jmtOMvXqq2zjt0R1qS6xfQ4L3FmjXT_IZSTqMJo6P_ekGT8blgH2F5G0x8AvONH08PbIsGX6TCe0rym6G_SvT8F8wCRQEYhnc1j_ZWRUQEzheWn9Z4pHGZZxv94XXYdIPUuTANc0o4iB4ALEPVPFA9smb-cyop5XlaXCf9iaiUYiMsFEUqrU5Irk2mwg1WAdudcsHZkkvdaS5tTs2uLpUhXpZf3xDoLmLaW5lP4iArxf9gyqaq8l3Pt26CffVRTYCHTI5GdK88V6vIbe7hYSwKkFG1KU8M5JidjBhiiKGUc3XDCQfqObx9jc5APNzCw5WBRvciN8AfTgQuxfkMANNDSPYcvkybj2yP6MHe7mPThmV7mZ47f-3DJ135z_QRowp4uKzoU26K5xsPIIbm9h_0KdIzdw6yIKnfyBdJFI8UaY2KtUTiyocuFfhTkfJVuEwnr7bT4erU3MJT3XWzz2gFc8QBXbokWSufXeEpRYqipXo3688Qj-WA4D3nTBdFKwMUiggVIaiL9izVucF_2do4ZKksiWPJT7_-FhSOdXBqLIaTDCK6heUAholZ3TeqP90RnjAK7xEVHE9TYDEq6-2xHC46UavO5lQhnWx994UlwpmSRYAduMCanW8u-g_5ylf33rFQQOw2k525RzU4oj3cswaA8vsQtTdZFUwtaAgc-rlsRmJV-46hIPe4brBdihoNw6A-dRcUmyTPe_ykG7EBXVwsj3ERnSFIuY_UZMun2AdxhsdhqVLULPB3xMizx9E51-tjpm0JVRkL4yzGJ7fhibhy3TybC3IpVgJKHYkjWPqUUClv5l75t7pwX83bYgrxl7oSpcCAOyNEgwNyE0unxTrPnlipJlUIOAKIfoEv7cJVQ1WzOVKxCFj010pOXM-sco68q_10Xy3xQXriLA539g9OG-lKIAtVQXdk-01vsftUjK1tBQX7VEsHQmN_g6C2M0_fK5VYuVDYO8P4ieeQdAVlI1yyxxs51CbxFirxLNM57LHvhoSHJGjjlxs2js4P6N4eLYnFUtNgnetmpPx7Jnhv11AgnIcU59kjhqzUMx8qcndFKOA_2YUBCTHSBfVdLwYFbo-fEmhSFJtLynFYPzbEhLS9D4R3e3XxZz8RIKUybKT8_lz9lWGMgGzaYZwfNlPfcCibWmLzY5BVRdlUfdMfq2M&cid=CAASEuRoJSixtQS35i58ubs8cerdrg&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac670221e-9efb-ecad-2301-ecad9efbc670%240
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5ead4c1e570e25609250f45aa137be78bc15a59db3b314568b1e7e8e26c7faf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14602
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1883
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNW8dkd2YqQ81GxRdVuc2azotLhaSnjWoSUaCoy56WhArtI9CtGxr33ZZLXJ-Jh4iMjFUgPxtjKVq9aZITG0eYwgLy7BCxqPOyU-VXqGrauI5IG6NhSMhhfCz3nduHHNjFv4V3ZUpefo_UjqrH9oPVYGLsbp-YEerv3A2nHEuUXxjLCa-D8
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:51:34 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 27 Jan 2022 19:51:34 GMT
rum
dsum-sec.casalemedia.com/ Frame 1883
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfL3xgTUAQLQXxf-WeOEkQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNW8dkd2YqQ81GxRdVuc2azotLhaSnjWoSUaCoy56WhArtI9CtGxr33ZZLXJ-Jh4iMjFUgPxtjKVq9aZITG0eYwgLy7BCxqPOyU-VXqGrauI5IG6NhSMhhfCz3nduHHNjFv4V3ZUpefo_UjqrH9oPVYGLsbp-YEerv3A2nHEuUXxjLCa-D8
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 27 Jan 2022 19:51:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdolO86iVeEk6mlVNTSvSA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1883
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOfHBHA7ChoBQjWAX-vW8Bs&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOfHBHA7ChoBQjWAX-vW8Bs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNW8dkd2YqQ81GxRdVuc2azotLhaSnjWoSUaCoy56WhArtI9CtGxr33ZZLXJ-Jh4iMjFUgPxtjKVq9aZITG0eYwgLy7BCxqPOyU-VXqGrauI5IG6NhSMhhfCz3nduHHNjFv4V3ZUpefo_UjqrH9oPVYGLsbp-YEerv3A2nHEuUXxjLCa-D8
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1c25fac7-5d8d-458b-a069-f749a99cb60c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOfHBHA7ChoBQjWAX-vW8Bs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1883
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzMjE1ODk0MDA4NTc2MTA2Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzMjE1ODk0MDA4NTc2MTA2Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY583FlQEwAQ&v=APEucNW8dkd2YqQ81GxRdVuc2azotLhaSnjWoSUaCoy56WhArtI9CtGxr33ZZLXJ-Jh4iMjFUgPxtjKVq9aZITG0eYwgLy7BCxqPOyU-VXqGrauI5IG6NhSMhhfCz3nduHHNjFv4V3ZUpefo_UjqrH9oPVYGLsbp-YEerv3A2nHEuUXxjLCa-D8
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
47d7b10d-331f-4b89-a731-6122bd274e8a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzMjE1ODk0MDA4NTc2MTA2Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F536
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV0mVND8Eu1S6OlcVc1u-P4FAiC6-YgaSwRt34Mzc6uvGv_Vo-XVkKUt_TceXSCTebvK7o5w9I8NgrG2KnT4vgDzZJbUXZunpUJ8MiXmU875Qaiwla1RB9wBSeUyYwS8toHq0gLdIljtVP29dl_n7K7V29RvcXjhv49Yih7vUDd3sJhFEo
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F536 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV0mVND8Eu1S6OlcVc1u-P4FAiC6-YgaSwRt34Mzc6uvGv_Vo-XVkKUt_TceXSCTebvK7o5w9I8NgrG2KnT4vgDzZJbUXZunpUJ8MiXmU875Qaiwla1RB9wBSeUyYwS8toHq0gLdIljtVP29dl_n7K7V29RvcXjhv49Yih7vUDd3sJhFEo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F536
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV0mVND8Eu1S6OlcVc1u-P4FAiC6-YgaSwRt34Mzc6uvGv_Vo-XVkKUt_TceXSCTebvK7o5w9I8NgrG2KnT4vgDzZJbUXZunpUJ8MiXmU875Qaiwla1RB9wBSeUyYwS8toHq0gLdIljtVP29dl_n7K7V29RvcXjhv49Yih7vUDd3sJhFEo
Protocol
H2
Server
104.88.69.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-88-69-102.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:34 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F536 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNV0mVND8Eu1S6OlcVc1u-P4FAiC6-YgaSwRt34Mzc6uvGv_Vo-XVkKUt_TceXSCTebvK7o5w9I8NgrG2KnT4vgDzZJbUXZunpUJ8MiXmU875Qaiwla1RB9wBSeUyYwS8toHq0gLdIljtVP29dl_n7K7V29RvcXjhv49Yih7vUDd3sJhFEo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.88.69.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-88-69-102.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:34 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 2A2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVm7Y7Xl6Jh4BUp9a9jMiwlkwW5PfJT-VOmfbuRlvMrNnGRPcoSTP7bUvLiwNLx2QPDG64nu1bpQyUHR5E4qTliMkTdJYPJ3rpDB0GwY0J1Hd43NupN20I1w-BlV3jq_TKEneQhf6KuJZeweiuSHf8lfEZm6qKbZSyPDaKBF7nOQI5HpNw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6KTL8eoARyO2M4DmeajSE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 2A2B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVm7Y7Xl6Jh4BUp9a9jMiwlkwW5PfJT-VOmfbuRlvMrNnGRPcoSTP7bUvLiwNLx2QPDG64nu1bpQyUHR5E4qTliMkTdJYPJ3rpDB0GwY0J1Hd43NupN20I1w-BlV3jq_TKEneQhf6KuJZeweiuSHf8lfEZm6qKbZSyPDaKBF7nOQI5HpNw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 2A2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVm7Y7Xl6Jh4BUp9a9jMiwlkwW5PfJT-VOmfbuRlvMrNnGRPcoSTP7bUvLiwNLx2QPDG64nu1bpQyUHR5E4qTliMkTdJYPJ3rpDB0GwY0J1Hd43NupN20I1w-BlV3jq_TKEneQhf6KuJZeweiuSHf8lfEZm6qKbZSyPDaKBF7nOQI5HpNw
Protocol
H2
Server
104.88.69.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-88-69-102.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:34 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEH_8NfNyWiVt4wIYu1Ja5rU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2A2B 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVm7Y7Xl6Jh4BUp9a9jMiwlkwW5PfJT-VOmfbuRlvMrNnGRPcoSTP7bUvLiwNLx2QPDG64nu1bpQyUHR5E4qTliMkTdJYPJ3rpDB0GwY0J1Hd43NupN20I1w-BlV3jq_TKEneQhf6KuJZeweiuSHf8lfEZm6qKbZSyPDaKBF7nOQI5HpNw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.88.69.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-88-69-102.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Jan 2022 19:51:34 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 9A97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPBQ9-nQvXnklckpv1iFtsU&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPBQ9-nQvXnklckpv1iFtsU&google_cver=1&__user_check__=1&sync_id=87e76c77-7faa-11ec-9e9d-1365eaaf0306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPBQ9-nQvXnklckpv1iFtsU&google_cver=1&__user_check__=1&sync_id=87e76c77-7faa-11ec-9e9d-1365eaaf0306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUqr9aQdvgrkAIUiZQJRJNGrhGq49KofNiKMHPJNTJSCUTJn2PoahpWBmU8fiAgj0RmDGRQjfewvhk5UrZeo9CYI9O5gH4zwwlUSG0FeIH25Jd0rvN93fbO0TalRa9AlfqeejskURqXaevwVMCZR9EpY_nlPr3uBpuCNq9N9AGcj1M5SEM
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
32
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEPBQ9-nQvXnklckpv1iFtsU&google_cver=1&__user_check__=1&sync_id=87e76c77-7faa-11ec-9e9d-1365eaaf0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
6
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9A97
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODdlMTdlODItN2ZhYS0xMWVjLWJlZmQtMTQ2MDRkZjAwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODdlMTdlODItN2ZhYS0xMWVjLWJlZmQtMTQ2MDRkZjAwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUqr9aQdvgrkAIUiZQJRJNGrhGq49KofNiKMHPJNTJSCUTJn2PoahpWBmU8fiAgj0RmDGRQjfewvhk5UrZeo9CYI9O5gH4zwwlUSG0FeIH25Jd0rvN93fbO0TalRa9AlfqeejskURqXaevwVMCZR9EpY_nlPr3uBpuCNq9N9AGcj1M5SEM
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODdlMTdlODItN2ZhYS0xMWVjLWJlZmQtMTQ2MDRkZjAwNDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
107
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 9A97 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUqr9aQdvgrkAIUiZQJRJNGrhGq49KofNiKMHPJNTJSCUTJn2PoahpWBmU8fiAgj0RmDGRQjfewvhk5UrZeo9CYI9O5gH4zwwlUSG0FeIH25Jd0rvN93fbO0TalRa9AlfqeejskURqXaevwVMCZR9EpY_nlPr3uBpuCNq9N9AGcj1M5SEM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Jan 2022 19:51:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 3D63 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjvK2Wn-F7zT1M6k9-t9t8Kiw1wStBVegz-nWw155s5yoa8Uma0XW73TXa8BlskQXZDktvPffmCN8hu8uZ1S0kXDBEZb4AmKHx4SE_unCMPWZ8ny7GwmIGN7nQ-U0C2o5pyJ6U5vcdADh5WkMYfxISN3TB8A&cry=1&dbm_d=AKAmf-A7W39jKZv2HoJhEb9ivVOLq5hru0Ldgl10KIqvyiCQ2uAz-e8vW-L0PjfzNzEoJqEIMsXI2hVAGvbvtUu6fhLGKfuzCC1KFGUA1ZEIkSflAfVV_3Gg6upJ1UJsjkDAD6B3YJEEWR6uppOhHzp_ckj9XPnc-Ka5KCk9KcwJYHCBG6AXkeoz_iTJ1c_ylOC2jdmcIV13KZALqMxMROfqlNNrM0Q4Rd6mKGzQoIzQ2GbDheM05yRtEdvF2f4EPqJiENycRpeftk-yBd4xMtfZWCs1cTr-68uameBbDJUeMfanzAej_QHrmT3cixwHBMABTHYNGh0YNtIlxfEjGGjJf0POserOKHsMbn80y_sLsydGzc4M05AHGh3t250PencLiS8X6ojXv3DOsO_yMHDpwneKiNcIYcYKsgCGZCFLefnzT4nT7YG8mEFr2peGkdv3SuJJYFY5rx7kagqL9fgKVdJr1U3Xk0ymThQxbN8xd8OoTwUuaVJstag9f1Sran0CArkymUG0ZVSD1eeB7JxO8KNJ60-m7giS6SkL1rDuMYCZVAQAna778dBJiJA32YyR6v5eaX_z7ZUDudnhJIkSriCpmUmptMsFLwX9ik-s4qGfDSeKr4umeFWJ8o2sB2Ica6gBHCEt9X6JhFT625SXFBsc5Nhp0mYBEetGEk5ONtx1DaH_s4a6v1XhkIziD85oARJOpoZ8s7x7e5PuqtvPrY_Ayjb82TVjqxM9PNnCxnCC6vXu1oaQ0ruYvgXa-rDMf3ma831U5NXsYF9zg7XT76j41PFH7kHSCIEbaQCIWJW7Y9MgFBZ-ga5v5ID-mdJkBOrKLEB3wRaAuL4OxaUvZ3iFMwPjy-XnjxDRtCPqGKaGOigPQHf5y6vfuGiVrraRNXzOvoFwhHGK4qzkoQ3g-l3EblgCWhQnbT_mQEhTvwBaZKDDtIlzcxhPJcQHSjlSUMM8X761NTo21aLEmySFAlhS-KGedvTS-BNQxL9mF5zigUiEBMI7Yi7fVq7Jz2qseSU3jdTgRAzm3DIbUSagu3wb-6_ARIRwKXIkLZJ4KSrNAutTERXI67q98VjEMZVWxfzHX1eAvxIcFD7cPHkLD5fapcDlgiZbWcGXD2BZ0WkH4mE8mw5HLfIwhUqqR08wTFea0RkVqdYd4XDFT9NcnG2qWkkqN6tc5QToC7YaKLDTnTARnmoX4YJz4TBI5PCIFDoAYgF5FaHlld6W_Z808BoTOmzMAyuwOmwJ-mk_fz9zKUAnzGwaGiAknHh9w4w4uITS29FhKiqJ6J1BluV_9UXOOCDsNpjxb7fIEJ8edII-fPOoJGwLPs-WId7ttF6HkzTFLd7O5Am_XEaiHpC4ptGyA4S-7psywHZqv57QUU1qrSmJGlGq2Dd93cxqVg2SxUGHZRAnbiE85rFFGDPtdEuBjSUGqlm8Ef4zmOduR_9hei1mFZJ1wmJ_QxSsYbtl_3sIW52wo2EI6nFqGRFoZKfG5jJq8oezLe4uAqJtnSgSCRg5Zfpx5LCU5HtZqPIGwbmKu0X6y-rF40ZCy8fe-xKnYShlVZnS2SaKYv89bUpKPriatP7evnOonK6ZCtWqAmaZebRw4UPRIMrwsg8iIjwfV-o4Og_3L0c9rBbx9bDkO_T36nq66mtu7hdQsYsIWNEW74j3fh8GBFMscrxIzzMO4ZZNy9aahoBVTsI_BkcvSKi1Ry4aqI1Y16QDXSw7TnSNXWI0v8oWdpMyrAi_3QkrKNqkZn_50ajb0GO2U4P-0yHQLtCXs8F9OuG77Xgx14YQfMBUWSIcCuv0l44Y---9NuX2EGuFJCGD1m0FfVpzCd5P3-9PImUBxdmMZW0cNNARsIiC63O30rMOn6gsJjftExdWiPGHRrt8KhMgXGIHdR71xe06aDz82a2we8eR9Weh7jw8Dy2pvULRWf_V4gO05SnfQ5TE8McfiWTt28YlfZGVS42-aM4-ddkeAuQcTd3THJYVzzdDNuIngiIXe1Q9weVYau9UlvvaR-iUgxJXOvZzvn7c9i6ejHDYdVohkhiwSSIyYBPFkkXsUWOXzg125ibWjyeyBgPtd57hgsRk3YEA6d2ZSLoYKzP-SbITeGkNHUTRyjFPhnCX7N3AJkZiR3hb-U2eIDZKDJ2dBZGDZhbBzbcPKPoDWO-IrIfRAflCGu_pwxvu57P2lz8YVYrzdvbhayWEaTKde73fyOtz4xXLJnVsPa6fnFMHsgBhMdQDG7HnTqVM2F0sNEbVie_5izP5ci_NFaD6dXyEiYqJBcg_mF_9WhB8xp4Qzu2LoV9CC2C_6bPkE4rW3mHf4DnChTwA0VTfaJlO_YIYvvQFuUjm4Gq629ZeHbnL53EAwcC6cBJGYzml0GxLzDzsg5uX_7L6CPVDsjl32HNwn-GLk3GEqXE7f4ZOqHeMYjJhunR3ykQ3_MvCiVL5U0_vS7gkmHe4l-Pfgz_FiXkXRHaVqIn_nnJeOJWQnUTK12lR-Ha6-PeLT-Gkx2Y6JYDyz3ddE0rI34FP0akUK47j8ZgZchtCgHyMS2DnYxnwY35pFdef8ZeB5Fi6GwrzHNxX5CTPYvatyZGPGNW1JaA-vWxrJLKI_tIY5n8LAgn3J1m29y1n6vcyfHTSyjhVyRaqspcG5HxwdCkmXwwhtpc7pojUB_jVAGoaLSCi_YMkLLz-zYRE9MIckMsptGDqYkf5WmdQASm2dQT3Y0j7YZri20j2FpbENMTMMaz_slFZteZ2QKZ-lo3X-0d0rlS1qVWzpD9hjHSpHvxak7BG7Ns1OROYS6mjxAtfgsfnxwbwm7e_uLp7agLyMWDqyLTv5I8tkrU7tu0jghibq6yPHy2PXwVqasYtE6F2hvFYF8pvJdL5NtU1MvKxh0hwkYeXD_h_EuHWODkbCX30HLbCuSkYGrkItafJXZOn4GAurs2Q10ucTErStdcmXOoXzNc38-4ZVYKUkiIbfkyGeiTjKHB6biVEUpGyPe_pRik7NB_8tUrK4fR8AKiBtGGeWtA3DT59Fror3LyyNE-oX_DXRvEkpqIUU-n2PlSxFSH5FSZEDIt4RtJCoI7q1P8DmTXLbK1g7SHRGj-NkMrF8SprnOHQEPReDyPoA1NRDIbhls2gUNBXouSysyTV80SmFSodhaKwjQ-wajIeaZe8tDGqUS2-2SyvV5E6X-PCQZ-eSVRRaexMz-swZlKMzAjeY_VDHMQshdLcGYCVJmSDk99KKUgp69iys-bxVJzP3YsjhU7yWVjca2rG3o-IsKUWxoMYWl4HZ59nHzBPtcuDUKCUIev6iYFgIuwFUuA&cid=CAASEuRoB4_PoWckOYWtdrwIe2LBIA&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac67023e4-9efb-ecad-24c7-ecad9efbc670%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:49:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D63 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjvK2Wn-F7zT1M6k9-t9t8Kiw1wStBVegz-nWw155s5yoa8Uma0XW73TXa8BlskQXZDktvPffmCN8hu8uZ1S0kXDBEZb4AmKHx4SE_unCMPWZ8ny7GwmIGN7nQ-U0C2o5pyJ6U5vcdADh5WkMYfxISN3TB8A&cry=1&dbm_d=AKAmf-A7W39jKZv2HoJhEb9ivVOLq5hru0Ldgl10KIqvyiCQ2uAz-e8vW-L0PjfzNzEoJqEIMsXI2hVAGvbvtUu6fhLGKfuzCC1KFGUA1ZEIkSflAfVV_3Gg6upJ1UJsjkDAD6B3YJEEWR6uppOhHzp_ckj9XPnc-Ka5KCk9KcwJYHCBG6AXkeoz_iTJ1c_ylOC2jdmcIV13KZALqMxMROfqlNNrM0Q4Rd6mKGzQoIzQ2GbDheM05yRtEdvF2f4EPqJiENycRpeftk-yBd4xMtfZWCs1cTr-68uameBbDJUeMfanzAej_QHrmT3cixwHBMABTHYNGh0YNtIlxfEjGGjJf0POserOKHsMbn80y_sLsydGzc4M05AHGh3t250PencLiS8X6ojXv3DOsO_yMHDpwneKiNcIYcYKsgCGZCFLefnzT4nT7YG8mEFr2peGkdv3SuJJYFY5rx7kagqL9fgKVdJr1U3Xk0ymThQxbN8xd8OoTwUuaVJstag9f1Sran0CArkymUG0ZVSD1eeB7JxO8KNJ60-m7giS6SkL1rDuMYCZVAQAna778dBJiJA32YyR6v5eaX_z7ZUDudnhJIkSriCpmUmptMsFLwX9ik-s4qGfDSeKr4umeFWJ8o2sB2Ica6gBHCEt9X6JhFT625SXFBsc5Nhp0mYBEetGEk5ONtx1DaH_s4a6v1XhkIziD85oARJOpoZ8s7x7e5PuqtvPrY_Ayjb82TVjqxM9PNnCxnCC6vXu1oaQ0ruYvgXa-rDMf3ma831U5NXsYF9zg7XT76j41PFH7kHSCIEbaQCIWJW7Y9MgFBZ-ga5v5ID-mdJkBOrKLEB3wRaAuL4OxaUvZ3iFMwPjy-XnjxDRtCPqGKaGOigPQHf5y6vfuGiVrraRNXzOvoFwhHGK4qzkoQ3g-l3EblgCWhQnbT_mQEhTvwBaZKDDtIlzcxhPJcQHSjlSUMM8X761NTo21aLEmySFAlhS-KGedvTS-BNQxL9mF5zigUiEBMI7Yi7fVq7Jz2qseSU3jdTgRAzm3DIbUSagu3wb-6_ARIRwKXIkLZJ4KSrNAutTERXI67q98VjEMZVWxfzHX1eAvxIcFD7cPHkLD5fapcDlgiZbWcGXD2BZ0WkH4mE8mw5HLfIwhUqqR08wTFea0RkVqdYd4XDFT9NcnG2qWkkqN6tc5QToC7YaKLDTnTARnmoX4YJz4TBI5PCIFDoAYgF5FaHlld6W_Z808BoTOmzMAyuwOmwJ-mk_fz9zKUAnzGwaGiAknHh9w4w4uITS29FhKiqJ6J1BluV_9UXOOCDsNpjxb7fIEJ8edII-fPOoJGwLPs-WId7ttF6HkzTFLd7O5Am_XEaiHpC4ptGyA4S-7psywHZqv57QUU1qrSmJGlGq2Dd93cxqVg2SxUGHZRAnbiE85rFFGDPtdEuBjSUGqlm8Ef4zmOduR_9hei1mFZJ1wmJ_QxSsYbtl_3sIW52wo2EI6nFqGRFoZKfG5jJq8oezLe4uAqJtnSgSCRg5Zfpx5LCU5HtZqPIGwbmKu0X6y-rF40ZCy8fe-xKnYShlVZnS2SaKYv89bUpKPriatP7evnOonK6ZCtWqAmaZebRw4UPRIMrwsg8iIjwfV-o4Og_3L0c9rBbx9bDkO_T36nq66mtu7hdQsYsIWNEW74j3fh8GBFMscrxIzzMO4ZZNy9aahoBVTsI_BkcvSKi1Ry4aqI1Y16QDXSw7TnSNXWI0v8oWdpMyrAi_3QkrKNqkZn_50ajb0GO2U4P-0yHQLtCXs8F9OuG77Xgx14YQfMBUWSIcCuv0l44Y---9NuX2EGuFJCGD1m0FfVpzCd5P3-9PImUBxdmMZW0cNNARsIiC63O30rMOn6gsJjftExdWiPGHRrt8KhMgXGIHdR71xe06aDz82a2we8eR9Weh7jw8Dy2pvULRWf_V4gO05SnfQ5TE8McfiWTt28YlfZGVS42-aM4-ddkeAuQcTd3THJYVzzdDNuIngiIXe1Q9weVYau9UlvvaR-iUgxJXOvZzvn7c9i6ejHDYdVohkhiwSSIyYBPFkkXsUWOXzg125ibWjyeyBgPtd57hgsRk3YEA6d2ZSLoYKzP-SbITeGkNHUTRyjFPhnCX7N3AJkZiR3hb-U2eIDZKDJ2dBZGDZhbBzbcPKPoDWO-IrIfRAflCGu_pwxvu57P2lz8YVYrzdvbhayWEaTKde73fyOtz4xXLJnVsPa6fnFMHsgBhMdQDG7HnTqVM2F0sNEbVie_5izP5ci_NFaD6dXyEiYqJBcg_mF_9WhB8xp4Qzu2LoV9CC2C_6bPkE4rW3mHf4DnChTwA0VTfaJlO_YIYvvQFuUjm4Gq629ZeHbnL53EAwcC6cBJGYzml0GxLzDzsg5uX_7L6CPVDsjl32HNwn-GLk3GEqXE7f4ZOqHeMYjJhunR3ykQ3_MvCiVL5U0_vS7gkmHe4l-Pfgz_FiXkXRHaVqIn_nnJeOJWQnUTK12lR-Ha6-PeLT-Gkx2Y6JYDyz3ddE0rI34FP0akUK47j8ZgZchtCgHyMS2DnYxnwY35pFdef8ZeB5Fi6GwrzHNxX5CTPYvatyZGPGNW1JaA-vWxrJLKI_tIY5n8LAgn3J1m29y1n6vcyfHTSyjhVyRaqspcG5HxwdCkmXwwhtpc7pojUB_jVAGoaLSCi_YMkLLz-zYRE9MIckMsptGDqYkf5WmdQASm2dQT3Y0j7YZri20j2FpbENMTMMaz_slFZteZ2QKZ-lo3X-0d0rlS1qVWzpD9hjHSpHvxak7BG7Ns1OROYS6mjxAtfgsfnxwbwm7e_uLp7agLyMWDqyLTv5I8tkrU7tu0jghibq6yPHy2PXwVqasYtE6F2hvFYF8pvJdL5NtU1MvKxh0hwkYeXD_h_EuHWODkbCX30HLbCuSkYGrkItafJXZOn4GAurs2Q10ucTErStdcmXOoXzNc38-4ZVYKUkiIbfkyGeiTjKHB6biVEUpGyPe_pRik7NB_8tUrK4fR8AKiBtGGeWtA3DT59Fror3LyyNE-oX_DXRvEkpqIUU-n2PlSxFSH5FSZEDIt4RtJCoI7q1P8DmTXLbK1g7SHRGj-NkMrF8SprnOHQEPReDyPoA1NRDIbhls2gUNBXouSysyTV80SmFSodhaKwjQ-wajIeaZe8tDGqUS2-2SyvV5E6X-PCQZ-eSVRRaexMz-swZlKMzAjeY_VDHMQshdLcGYCVJmSDk99KKUgp69iys-bxVJzP3YsjhU7yWVjca2rG3o-IsKUWxoMYWl4HZ59nHzBPtcuDUKCUIev6iYFgIuwFUuA&cid=CAASEuRoB4_PoWckOYWtdrwIe2LBIA&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac67023e4-9efb-ecad-24c7-ecad9efbc670%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jan 2023 17:34:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 9418 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACzCqbTutwd5edVbN29Oy4hYfNvetKm1zb1Ez268r_wHhiCi50JzXPlEtH-X2_PfxH0rtpqWHm0xku7R4b9PggK8e1vjaRwO3V3BQhnZMlVzn0HVqQcg7sAc65gIEx_O0K590sQOvRi_8W2Vc7pe9V7STgBw&cry=1&dbm_d=AKAmf-BwbKCM9yp88BxMWpSQ-3h06giE_5zEjK4pBjpr_R2cAynT6HomzOc9m7gOKB6QAXplc1KbCymAKjYSQ0MGUobKmYLG5963nSrNQNW3MfOY8BNfvn3Cx61-k4cBWSy3lLquXEN_47VqqL1aCevGsdUCjim5Y8UO4UITSUTWwjHeeXKTZYSnUkMw8n2Jvr4q7oLitDLd0yCcTpBjBEMzwpviessrLSfO-3eleOV3_8jRqyFeyOomCnoOlD4asu8PuZuMPzkJQlTWp_yUBW6s-w5Hfm77MLVL6_i2U4aDVgQ3Ku_jw4x5z4ok58w5aAn-XyAggotXCo5phmJjUqYFymCWCvTj11aLEnemeuHaOEplSZ-zsNx-_2lLX3I5krYBywfsaD_INYzU0w0xH-z6K0XdsOBKauoSE3u8TnWeXtGyYPiEa8rmMd1KAez3rSuyBZZ0qsEhxLA9kJtxPBbzMfjuXRqC5fgiF1LVOIWpa0-iKs65y6g3AdKo856Ktfj0_7FxPAxWL6mc99bO-rB97HNfeJyt7ushsmfZEdHFNqq6TVw5ou49XvyenGGAtJDo0NiYnk3PPRY_o-LxjI2_Ym0zzDIsIm_B9864qqDb01cst5oZCaWzv5Qf_pB_kRF4fadv0nRmbTNF2nTd621fwam1BjjnC-nBljLPb3dvXpdZI6CA9XFg-Qz3QxuRRTDUg-PQv3ZIJBVEDrTmBX58tophJ_CIlCTjFdefhW3jhCBAGMLFzrXJUiRf24wkmHDssF9UcdLqjG4SI41cUF-MeaIfB1Tp2Lzax2eBY5_agO_i6CSKyDfW6FjzM9SvpGGR7rjWBwlS_7KnuHXnxM4jaC1KdBhi05YuebprZMTvf3cQI_smbBSWmqDy63rB5m63-AyiVaD5djg78EWokwRkSCuPfU9ICwZAlPd6FFgeARgs8FaPUH4ypz3-wEym8QcYgPjgE8de3RdlLZ4Wqe50yLQZa0Sq06CUgTJA11w_rHeymHieR9D8VCJUL9Zrg24X-ggGtg-F70g0OU1XiZMJwfxFU1kLX54_WCGDaPhN8Eql0YtKkB_lLnDQKV4Aj5Mwxe0Uol9v0U0wye7sPLSLhXFEeCVBt6hdf7tbqbIeG4vqRMNvqjquNj0BNFqtUnB9BUlCfPws4f-PsNQyAJhx8F6dY8K0tE3GtcpaluWIc5V1GVgIJZJ_PG3Iy1VW__nX9MeranHmJ4ovcAs1QpTCjv7KRuGoI4Q0vmKS3PbfnktVh46vkKLVRVpMwHhU-3n9Iu4xMDVmnQ_x9x-VVqs41pE9GmGD34B6tTou7pmNiLWDwmfIPvIR--bOE5ewmu0ekNh47B_HcOJzdLEkOTj_ly7svlx6LBiZK5CeLpdq_hBJWSmCmXyfQ73PGX22jeyCax5teqMt3MVM7ZT-IuZQv-rh0NuY-AxXDXmok3-MlpmRUoiFmP8w0DNMW2BXloGv-gPNGz08jwm9WXdFZU6Ze6PafcXSCUzKk3VoO4OPLf1QnTtBN3Xa6dJ8tM-A3KArz_OA7kIS1netgIXIoN5p0gsHOSu55QFd4i82rZti3QbDDzVRRk80eAmCeRF3JEX9m0rzb8D6WUkRhYgkzuKwBWJDGdrxVLe6qYxDo35xYDPRWYNTbc1irr-cjGXV8OHX2ZEl2sjG0GkbLbi2IkqJ2LU_YYRZ_Qd1OPmJjnSU7A11rrlk6k_oY_DOc3SnhDlNlM-gvYxDM6tOLCvx7WyBo9s4weMYPe5VbAqsFlC1pN514onrC_HBuIOV9YalLvL-TrJAaYT_L8B2UCJPd0y9VFvUx2MMUIg61RYWYeWSjLLxrU2R5JgLj3EP9e6DzM7ppSgVX7kCWZ6yaJ7Mm_ISeHFacHf0RG-FXVNFTjEQpX_XydAQRUVDpFWv0ISDddu2Sk4bAScBszlC9mPF1DPYlUX0EfFMXoLFHvGsecfK4oWnI3q_rds9Kj504GtFh2Jugil7nXN-dNPjvSqPjEaOqiMmMmFJjZUs-SKXm_DROyCemQDkYFliGgmS6bzZR3zxj-0AcH5JPvx4fsTYH5NnObNq9_-74o2xk0UyRh3XbcJ-hEt65l5p8GwfurRSLlW_dDkN-A0BdQrWj7wmZ93LWJVFpd98J6cO03chHdakyhOfOYiytPwqFNqvY-uP3BR7X3ovzr6gyNtfF1uChCU1pex_HC4tIfh8VNq4hSAyGvKxArTk0uSTm_3in9MVaWjMOQGwTIdjT_vYYW9xn5XoWENhGJNKV2X1PoQz4y01ywmq2BC83PebHwKD6ddx69QikeO8axBOFr83g0OjI5HeQhn5_FTQRcz4sIZ4T390yQjCiX0mSQ0x3UOWEEDoZntEEfUiRXhyXi9woTHB9HiE2LZvBUF7Do8pHre0eFhyacVxBBux8dsY-b-q5dbcg92MJqhcZF5dt4nEbVGgU-USf6WOsKBH6vevDh_qS6f0qrl4IE8ZwukdQnvRTY8fIEl_0CiPKuog3MlKTStp4iYNdiZUf42BllLhFS1G0lfFs9_0q6jmJ9Hm1bVscS1U8K8bQL3hKRl8AOpJnnvvShbU8q-1ZmQ2dyArNwodeh8R_kB7zchmTWitzLsRrvVmexTMHeZ_yP4D_zTst1SgtAkf68umne_FPuNXSSAjVa4ZJuM_zQ3KDtqD51S0Z3qt5q1Pem4NZPkgffTn_H9Id4Q0woGR6PwlTmcsdHklfTgtKb0r-Mnf-JQC3ZJiIuWpXJwoTA3ZcM0DqldGP-U_2BRsl5SOs93lx85qbQ9rpoqeHTI3G7gIEkluZi2-o7NLABLXWFTX-TzqZzosyFJV86GMROSHUzG2bF-xd2qeErNG8DoGHbTuyj-7rLWi4mG2TswsuvQJdDtH3AgDijke-o8yd_nGtDvTpPNFOW3Ohx7690HUyqXCMmvKe0TwxGHX3EDD5S6yyUZCaf-tIkkgoZbbUmhTVK2Z5ph32-rLOVNgu1Wusd8K8yBfPxOfVG1Q6ZUIxDl7AsNtDqZs3XpVfM6AO-qDFVJe-nUbUuLnGcv_7_MJ_8UI3AGRUmXuEjzWo_EnV0dP0_6KwfctQF_etX3p8X7w2DHF3N5rmwsfUdMcoACJYklMsSNi83DZL3jfDois0ryzUOFhNEQ1TYTyaig7eJE6MbjqUFnM3VWOLMCacqPJ46n9ARGOEi26dTPZToAVjihIXfMXkKqhinR0hUf48WvQ6aTDoSowPohWFYFcnWJa8nPqZHEoz67cEUqpYE3NdM7YJftT1j4lN4GiYkRFKlN5CwJ1EXs-MI2AsmF_vqeuom0HV_0&cid=CAASEuRoFx8OlyEdCBDBYQEXH1cOag&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac67025aa-9efb-ecad-268d-ecad9efbc670%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:49:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9418 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACzCqbTutwd5edVbN29Oy4hYfNvetKm1zb1Ez268r_wHhiCi50JzXPlEtH-X2_PfxH0rtpqWHm0xku7R4b9PggK8e1vjaRwO3V3BQhnZMlVzn0HVqQcg7sAc65gIEx_O0K590sQOvRi_8W2Vc7pe9V7STgBw&cry=1&dbm_d=AKAmf-BwbKCM9yp88BxMWpSQ-3h06giE_5zEjK4pBjpr_R2cAynT6HomzOc9m7gOKB6QAXplc1KbCymAKjYSQ0MGUobKmYLG5963nSrNQNW3MfOY8BNfvn3Cx61-k4cBWSy3lLquXEN_47VqqL1aCevGsdUCjim5Y8UO4UITSUTWwjHeeXKTZYSnUkMw8n2Jvr4q7oLitDLd0yCcTpBjBEMzwpviessrLSfO-3eleOV3_8jRqyFeyOomCnoOlD4asu8PuZuMPzkJQlTWp_yUBW6s-w5Hfm77MLVL6_i2U4aDVgQ3Ku_jw4x5z4ok58w5aAn-XyAggotXCo5phmJjUqYFymCWCvTj11aLEnemeuHaOEplSZ-zsNx-_2lLX3I5krYBywfsaD_INYzU0w0xH-z6K0XdsOBKauoSE3u8TnWeXtGyYPiEa8rmMd1KAez3rSuyBZZ0qsEhxLA9kJtxPBbzMfjuXRqC5fgiF1LVOIWpa0-iKs65y6g3AdKo856Ktfj0_7FxPAxWL6mc99bO-rB97HNfeJyt7ushsmfZEdHFNqq6TVw5ou49XvyenGGAtJDo0NiYnk3PPRY_o-LxjI2_Ym0zzDIsIm_B9864qqDb01cst5oZCaWzv5Qf_pB_kRF4fadv0nRmbTNF2nTd621fwam1BjjnC-nBljLPb3dvXpdZI6CA9XFg-Qz3QxuRRTDUg-PQv3ZIJBVEDrTmBX58tophJ_CIlCTjFdefhW3jhCBAGMLFzrXJUiRf24wkmHDssF9UcdLqjG4SI41cUF-MeaIfB1Tp2Lzax2eBY5_agO_i6CSKyDfW6FjzM9SvpGGR7rjWBwlS_7KnuHXnxM4jaC1KdBhi05YuebprZMTvf3cQI_smbBSWmqDy63rB5m63-AyiVaD5djg78EWokwRkSCuPfU9ICwZAlPd6FFgeARgs8FaPUH4ypz3-wEym8QcYgPjgE8de3RdlLZ4Wqe50yLQZa0Sq06CUgTJA11w_rHeymHieR9D8VCJUL9Zrg24X-ggGtg-F70g0OU1XiZMJwfxFU1kLX54_WCGDaPhN8Eql0YtKkB_lLnDQKV4Aj5Mwxe0Uol9v0U0wye7sPLSLhXFEeCVBt6hdf7tbqbIeG4vqRMNvqjquNj0BNFqtUnB9BUlCfPws4f-PsNQyAJhx8F6dY8K0tE3GtcpaluWIc5V1GVgIJZJ_PG3Iy1VW__nX9MeranHmJ4ovcAs1QpTCjv7KRuGoI4Q0vmKS3PbfnktVh46vkKLVRVpMwHhU-3n9Iu4xMDVmnQ_x9x-VVqs41pE9GmGD34B6tTou7pmNiLWDwmfIPvIR--bOE5ewmu0ekNh47B_HcOJzdLEkOTj_ly7svlx6LBiZK5CeLpdq_hBJWSmCmXyfQ73PGX22jeyCax5teqMt3MVM7ZT-IuZQv-rh0NuY-AxXDXmok3-MlpmRUoiFmP8w0DNMW2BXloGv-gPNGz08jwm9WXdFZU6Ze6PafcXSCUzKk3VoO4OPLf1QnTtBN3Xa6dJ8tM-A3KArz_OA7kIS1netgIXIoN5p0gsHOSu55QFd4i82rZti3QbDDzVRRk80eAmCeRF3JEX9m0rzb8D6WUkRhYgkzuKwBWJDGdrxVLe6qYxDo35xYDPRWYNTbc1irr-cjGXV8OHX2ZEl2sjG0GkbLbi2IkqJ2LU_YYRZ_Qd1OPmJjnSU7A11rrlk6k_oY_DOc3SnhDlNlM-gvYxDM6tOLCvx7WyBo9s4weMYPe5VbAqsFlC1pN514onrC_HBuIOV9YalLvL-TrJAaYT_L8B2UCJPd0y9VFvUx2MMUIg61RYWYeWSjLLxrU2R5JgLj3EP9e6DzM7ppSgVX7kCWZ6yaJ7Mm_ISeHFacHf0RG-FXVNFTjEQpX_XydAQRUVDpFWv0ISDddu2Sk4bAScBszlC9mPF1DPYlUX0EfFMXoLFHvGsecfK4oWnI3q_rds9Kj504GtFh2Jugil7nXN-dNPjvSqPjEaOqiMmMmFJjZUs-SKXm_DROyCemQDkYFliGgmS6bzZR3zxj-0AcH5JPvx4fsTYH5NnObNq9_-74o2xk0UyRh3XbcJ-hEt65l5p8GwfurRSLlW_dDkN-A0BdQrWj7wmZ93LWJVFpd98J6cO03chHdakyhOfOYiytPwqFNqvY-uP3BR7X3ovzr6gyNtfF1uChCU1pex_HC4tIfh8VNq4hSAyGvKxArTk0uSTm_3in9MVaWjMOQGwTIdjT_vYYW9xn5XoWENhGJNKV2X1PoQz4y01ywmq2BC83PebHwKD6ddx69QikeO8axBOFr83g0OjI5HeQhn5_FTQRcz4sIZ4T390yQjCiX0mSQ0x3UOWEEDoZntEEfUiRXhyXi9woTHB9HiE2LZvBUF7Do8pHre0eFhyacVxBBux8dsY-b-q5dbcg92MJqhcZF5dt4nEbVGgU-USf6WOsKBH6vevDh_qS6f0qrl4IE8ZwukdQnvRTY8fIEl_0CiPKuog3MlKTStp4iYNdiZUf42BllLhFS1G0lfFs9_0q6jmJ9Hm1bVscS1U8K8bQL3hKRl8AOpJnnvvShbU8q-1ZmQ2dyArNwodeh8R_kB7zchmTWitzLsRrvVmexTMHeZ_yP4D_zTst1SgtAkf68umne_FPuNXSSAjVa4ZJuM_zQ3KDtqD51S0Z3qt5q1Pem4NZPkgffTn_H9Id4Q0woGR6PwlTmcsdHklfTgtKb0r-Mnf-JQC3ZJiIuWpXJwoTA3ZcM0DqldGP-U_2BRsl5SOs93lx85qbQ9rpoqeHTI3G7gIEkluZi2-o7NLABLXWFTX-TzqZzosyFJV86GMROSHUzG2bF-xd2qeErNG8DoGHbTuyj-7rLWi4mG2TswsuvQJdDtH3AgDijke-o8yd_nGtDvTpPNFOW3Ohx7690HUyqXCMmvKe0TwxGHX3EDD5S6yyUZCaf-tIkkgoZbbUmhTVK2Z5ph32-rLOVNgu1Wusd8K8yBfPxOfVG1Q6ZUIxDl7AsNtDqZs3XpVfM6AO-qDFVJe-nUbUuLnGcv_7_MJ_8UI3AGRUmXuEjzWo_EnV0dP0_6KwfctQF_etX3p8X7w2DHF3N5rmwsfUdMcoACJYklMsSNi83DZL3jfDois0ryzUOFhNEQ1TYTyaig7eJE6MbjqUFnM3VWOLMCacqPJ46n9ARGOEi26dTPZToAVjihIXfMXkKqhinR0hUf48WvQ6aTDoSowPohWFYFcnWJa8nPqZHEoz67cEUqpYE3NdM7YJftT1j4lN4GiYkRFKlN5CwJ1EXs-MI2AsmF_vqeuom0HV_0&cid=CAASEuRoFx8OlyEdCBDBYQEXH1cOag&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac67025aa-9efb-ecad-268d-ecad9efbc670%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jan 2023 17:34:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 6680 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVuDW8O0XO0-Brpjlyk-7f-1EzWH9JAFTmegrTD2cMVw3kmTSI8WjsUgGpeXdS9JSDgNT6RKPQVKv5dg-Df0HpRB-MNXpYwVHhiiSMyuqOXJ8K4B6-f5eyk3IW21Tk7atMR9XJhvaspRoLE8FA7g0EGYvyXw&cry=1&dbm_d=AKAmf-BRmtfLhmU8oahwSw7Ip8GCQMlEHMptSAvRJ4ejzx9T_-tGgmCgXuxzErjF-wstoHcw-cMg71h8Ad3eSomjgnsbloP6hM-SG6jdcuUmtWYuXKB1QcOTRpQs-nJoRowMIYFTxggMkHvrnoLUeWwH-pO4tBNfJeSXgptHPerlFrFG1-GeRARxTRad43Bkg9_azGztVuYff1n-LgGJLhjFwtr3k-lPaIR7cVqUidmXLzQJe6MBsIXU-kQIOM2pCokN3CI20KSDtGca4EHdgYaXXFBvQcOMQ2Hx4YEwq_3L-HcC_tL0gK2_8na6cUF6stYDi1eXvgF0dy0GeD-aJwfo-UaC47-PkmpWy3sGQNmOwFLCHjjEDCwW4AEroAoTYsJrVRLXRA0h94RLYgry-qsSB3GLGciGr3lDdTqO9ZiFP-L4RQoZlN3R5ZOOZW7dqe_OdCTyKFu3dQ9MOCV-rfTGs9g_8x19B9AwPOzoR306omWVtKud5zTKdtjdrVj_7dLgmulqkPI7GpfeUzebMR6Xs51ftCL4kSQ6fHxcsZdUQwNqjXsLaT9m639vfUzMqJ6X7TIbYQGdjlSQFeCrxd1ZQucIdoVMxR4-M88jgxuM0g_eVFDXF0pWwa4X6WvQbA3LU38Od5i45sWKA-sauDcKjMiXtEyiHQqWDbEvgY3UzAkqDFKKw0psGHbkrK-OajAfN5oVWztXNh1eJzxz4WiKNXpqy5QTWR63U8CuueFtYkVp-TFJsFjmJ2YBsb-38t-wUEkrTmInBqtkeW9BHJq2eBfOlt0rNsRMYQTCRAj51-n9flA1-M3KMEa1EQ6wNWmqWv4EAXlIXoChEZZtWCB_VAIv0O5YnVZJxJUHPlu3e2eMh2B3CIxvlWk6vCvaqn1QTyYcIsbTsOK8_Y8hq_VzaecDdYMAnY-IDReQ0I2M3V6baPARrNnbBQYW3IkJDpUeA10VQWUtMG2DU9kXHdGQN9id3ZeedDSVb8Vbl8V0u8Z3gMc1dRJ7eYGtofSBFr392jHJDNWkS41ebumm1hYnziXO8rDxUu0x7Tv3sPhJlWdR5GzNwUShU-kyHXSVoeubxTT3-RAyvKG-sioOVt4osa2YDrUOIQoOKdumEaBXUdNSVwp2Nn85VZaxkRySObMrfGOL4XHdVxMPHb0pmGSKLb6GnYz7Nb5iP8PPkdnd6cGJJTzSHHCvU5robnuanyIRVMmVOLTpf6AY6tGFrYrsoyuTUbDSLMuvBzWYyoqBpeU0z-L1djZHhRjHUvSn7WcmpraYuET38aqfIkkkJg6G1TsSBUonUNdiYXRomxjGwwrApJoxbZkoZJMUuSS7LZC_Z7JjLx3JY7X5WRwilPbDI5zmaPW3hNWA3Z_SjwpGiMGN-Vh3gFdA5KZ7YRnvC2_OTNw6DpXA0t_UBeqtXkTNUHH9G6-v96mYr3AgYOGuH23rIoGLjg-hCGpoAxIdhZTePK3a3f-f6uMOVG-Y597AQ1xFPgAqTO13Y0yGC47hoBUob-m8vy8WxvRY_kCkPmD7KmCzuN5QI-MS_Yu0tR3jZYag4pLghqIb_88XXCa_Ztek0pFaHYW3ZW9xCX361ucFVRkfFDccWQGrP5cWteEjFcv8vbuKt1RhcT8vzXQJ6tDFZ1vs95_Y-ZDlI0tAc-BFSvP0hAaojK7kXgHo8ratogbzOF6W6xqegGKRSitLAqIbyDRNWhn7_tP-gEVCfsbaN9Z4DorxGe-6sSzhEvhdvbqC4fI0KV7bSG0X51BmwTMedZZRz7uCBAGUUjMNSrlzE9M8DO8s-uTKLLojktGUrUxrZCvNUi4GAJmrWtR7sCX1dT4msxqGcg0Dd0yBYHsa6p_qn7BW9KcPGgbl3MKkvClb2CofXWxqqSBtVm0Bt7NAxdVlguDDSXWgTUsGk7S2ICP022DKvgn11x5iex6txtCoEqnS47WWoqKcmxJZWiJqw8qXXX0eGdIOYf6AdyS67QeX8CDwG482pIL-GB4uw3ZyxR88T7H5kRAHERFLMG4BGt3nbofX3dewgttJNxg681xFq-N8yxH0SAZKBktA_hQyehDzRATrfuTZs7L8GTpimoucVDPgUtWHJHFiGs3V0McLTP7E6boRykciHsE0h6Dezt3XLdx69woEDklkXp9WK-AF0qGlIWLk1wmlddG5Nvo4BuunSiv6NgxOEs6Kq1zOphERdYzJdrsNa07XEGymMk1EW566eHxqZSgVrjxDTfwL6dXSMdUXE9enRvaZwI5EOV-eEYk4bxQ6c6C6Ypij1vpih6spEJCpEc1dLkHN2GyDMSv2lW8WKezosuQACbzc5OBAFNEWUf8osD61lgcqs5b6havwPt9HxzK5d9zOqu2vjh6Uq2_2RiR0OstPSxXb4xZyEZZ7QYbKZKDMcyWqSpGP9QhaXVe5LMb97aqGkLMPnX2tqRhyUI4Nmg29pQWMeznewpwXvjc-XYtRAIolNDoA4I3hSrjz6rpJNccI8rp-6nQhO1WnV1L35J2XK_BC4NXe3fzFjxlVFZgHohCVJHMLTr_xEsB8qqrnSzzv2J-uwsIZ80G2ITPf2y5j7tS1GyOqCg7kJHJ75McKRusv5qvN7989iGN3RGeX-ikFoZVxC8sOfCT3NDPXRysUBWsIpxvdk_Qt5rO_liGrgwXQ-633YvQZlTuqSbvcChP2n8Y-_fKSrliDcM-UkPJfrNfJSSPFVlbM16ci8MDoaLcCiPRwI2cL8SsjCmCtp8gfS9uUr_iwL6VKIpJWAQJAVp6EoJjuLyJFrogcp4rz-d7sibwqCEnWovbFt9G7YV489F4dUD_6hAVowM88Yw-C5s9U123qGqT_WCZiWxsBQc8mrlyzWQUzdq6tDS2Km3VFYWxUkbiyh5p0BPzBe7I11vLGijKLi6RkDD_y2tGk2gPPD5lmjm_We2GJP7LbDvR_57m16hFzFx6Wl01MQjFRbVb1x-eOPTlX4Ls-Hrc5hEvOGJcwYAd5pTn7EWl53RbtS4UQBSiwGZvoJyCov3SE6545lUDUQqtWN96N_90YPrzoKWwZmYw3q-41LKkXEDIwSJpMtWjna-eWF7Xuv234UU1nnyysbqrMAyqjs5bYvscI1WspPRYTx7XKmU0k_SIBDOKhyF5SafkpbkX9XOdCtMrgpEx8zp2htTS8WeR1-ijQMNY4FqUEc9E0vJ8ZZZSr6jhdxzEwbWfGClydU0rlt_tZMPJioTGDdWKDGHM03wRzf2OidRdjf28sHhOJ81CmGgFp6Ddb&cid=CAASEuRoq64RgJ6uwPjJADwzqHCm4g&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac6702770-9efb-ecad-2853-ecad9efbc670%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:49:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6680 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVuDW8O0XO0-Brpjlyk-7f-1EzWH9JAFTmegrTD2cMVw3kmTSI8WjsUgGpeXdS9JSDgNT6RKPQVKv5dg-Df0HpRB-MNXpYwVHhiiSMyuqOXJ8K4B6-f5eyk3IW21Tk7atMR9XJhvaspRoLE8FA7g0EGYvyXw&cry=1&dbm_d=AKAmf-BRmtfLhmU8oahwSw7Ip8GCQMlEHMptSAvRJ4ejzx9T_-tGgmCgXuxzErjF-wstoHcw-cMg71h8Ad3eSomjgnsbloP6hM-SG6jdcuUmtWYuXKB1QcOTRpQs-nJoRowMIYFTxggMkHvrnoLUeWwH-pO4tBNfJeSXgptHPerlFrFG1-GeRARxTRad43Bkg9_azGztVuYff1n-LgGJLhjFwtr3k-lPaIR7cVqUidmXLzQJe6MBsIXU-kQIOM2pCokN3CI20KSDtGca4EHdgYaXXFBvQcOMQ2Hx4YEwq_3L-HcC_tL0gK2_8na6cUF6stYDi1eXvgF0dy0GeD-aJwfo-UaC47-PkmpWy3sGQNmOwFLCHjjEDCwW4AEroAoTYsJrVRLXRA0h94RLYgry-qsSB3GLGciGr3lDdTqO9ZiFP-L4RQoZlN3R5ZOOZW7dqe_OdCTyKFu3dQ9MOCV-rfTGs9g_8x19B9AwPOzoR306omWVtKud5zTKdtjdrVj_7dLgmulqkPI7GpfeUzebMR6Xs51ftCL4kSQ6fHxcsZdUQwNqjXsLaT9m639vfUzMqJ6X7TIbYQGdjlSQFeCrxd1ZQucIdoVMxR4-M88jgxuM0g_eVFDXF0pWwa4X6WvQbA3LU38Od5i45sWKA-sauDcKjMiXtEyiHQqWDbEvgY3UzAkqDFKKw0psGHbkrK-OajAfN5oVWztXNh1eJzxz4WiKNXpqy5QTWR63U8CuueFtYkVp-TFJsFjmJ2YBsb-38t-wUEkrTmInBqtkeW9BHJq2eBfOlt0rNsRMYQTCRAj51-n9flA1-M3KMEa1EQ6wNWmqWv4EAXlIXoChEZZtWCB_VAIv0O5YnVZJxJUHPlu3e2eMh2B3CIxvlWk6vCvaqn1QTyYcIsbTsOK8_Y8hq_VzaecDdYMAnY-IDReQ0I2M3V6baPARrNnbBQYW3IkJDpUeA10VQWUtMG2DU9kXHdGQN9id3ZeedDSVb8Vbl8V0u8Z3gMc1dRJ7eYGtofSBFr392jHJDNWkS41ebumm1hYnziXO8rDxUu0x7Tv3sPhJlWdR5GzNwUShU-kyHXSVoeubxTT3-RAyvKG-sioOVt4osa2YDrUOIQoOKdumEaBXUdNSVwp2Nn85VZaxkRySObMrfGOL4XHdVxMPHb0pmGSKLb6GnYz7Nb5iP8PPkdnd6cGJJTzSHHCvU5robnuanyIRVMmVOLTpf6AY6tGFrYrsoyuTUbDSLMuvBzWYyoqBpeU0z-L1djZHhRjHUvSn7WcmpraYuET38aqfIkkkJg6G1TsSBUonUNdiYXRomxjGwwrApJoxbZkoZJMUuSS7LZC_Z7JjLx3JY7X5WRwilPbDI5zmaPW3hNWA3Z_SjwpGiMGN-Vh3gFdA5KZ7YRnvC2_OTNw6DpXA0t_UBeqtXkTNUHH9G6-v96mYr3AgYOGuH23rIoGLjg-hCGpoAxIdhZTePK3a3f-f6uMOVG-Y597AQ1xFPgAqTO13Y0yGC47hoBUob-m8vy8WxvRY_kCkPmD7KmCzuN5QI-MS_Yu0tR3jZYag4pLghqIb_88XXCa_Ztek0pFaHYW3ZW9xCX361ucFVRkfFDccWQGrP5cWteEjFcv8vbuKt1RhcT8vzXQJ6tDFZ1vs95_Y-ZDlI0tAc-BFSvP0hAaojK7kXgHo8ratogbzOF6W6xqegGKRSitLAqIbyDRNWhn7_tP-gEVCfsbaN9Z4DorxGe-6sSzhEvhdvbqC4fI0KV7bSG0X51BmwTMedZZRz7uCBAGUUjMNSrlzE9M8DO8s-uTKLLojktGUrUxrZCvNUi4GAJmrWtR7sCX1dT4msxqGcg0Dd0yBYHsa6p_qn7BW9KcPGgbl3MKkvClb2CofXWxqqSBtVm0Bt7NAxdVlguDDSXWgTUsGk7S2ICP022DKvgn11x5iex6txtCoEqnS47WWoqKcmxJZWiJqw8qXXX0eGdIOYf6AdyS67QeX8CDwG482pIL-GB4uw3ZyxR88T7H5kRAHERFLMG4BGt3nbofX3dewgttJNxg681xFq-N8yxH0SAZKBktA_hQyehDzRATrfuTZs7L8GTpimoucVDPgUtWHJHFiGs3V0McLTP7E6boRykciHsE0h6Dezt3XLdx69woEDklkXp9WK-AF0qGlIWLk1wmlddG5Nvo4BuunSiv6NgxOEs6Kq1zOphERdYzJdrsNa07XEGymMk1EW566eHxqZSgVrjxDTfwL6dXSMdUXE9enRvaZwI5EOV-eEYk4bxQ6c6C6Ypij1vpih6spEJCpEc1dLkHN2GyDMSv2lW8WKezosuQACbzc5OBAFNEWUf8osD61lgcqs5b6havwPt9HxzK5d9zOqu2vjh6Uq2_2RiR0OstPSxXb4xZyEZZ7QYbKZKDMcyWqSpGP9QhaXVe5LMb97aqGkLMPnX2tqRhyUI4Nmg29pQWMeznewpwXvjc-XYtRAIolNDoA4I3hSrjz6rpJNccI8rp-6nQhO1WnV1L35J2XK_BC4NXe3fzFjxlVFZgHohCVJHMLTr_xEsB8qqrnSzzv2J-uwsIZ80G2ITPf2y5j7tS1GyOqCg7kJHJ75McKRusv5qvN7989iGN3RGeX-ikFoZVxC8sOfCT3NDPXRysUBWsIpxvdk_Qt5rO_liGrgwXQ-633YvQZlTuqSbvcChP2n8Y-_fKSrliDcM-UkPJfrNfJSSPFVlbM16ci8MDoaLcCiPRwI2cL8SsjCmCtp8gfS9uUr_iwL6VKIpJWAQJAVp6EoJjuLyJFrogcp4rz-d7sibwqCEnWovbFt9G7YV489F4dUD_6hAVowM88Yw-C5s9U123qGqT_WCZiWxsBQc8mrlyzWQUzdq6tDS2Km3VFYWxUkbiyh5p0BPzBe7I11vLGijKLi6RkDD_y2tGk2gPPD5lmjm_We2GJP7LbDvR_57m16hFzFx6Wl01MQjFRbVb1x-eOPTlX4Ls-Hrc5hEvOGJcwYAd5pTn7EWl53RbtS4UQBSiwGZvoJyCov3SE6545lUDUQqtWN96N_90YPrzoKWwZmYw3q-41LKkXEDIwSJpMtWjna-eWF7Xuv234UU1nnyysbqrMAyqjs5bYvscI1WspPRYTx7XKmU0k_SIBDOKhyF5SafkpbkX9XOdCtMrgpEx8zp2htTS8WeR1-ijQMNY4FqUEc9E0vJ8ZZZSr6jhdxzEwbWfGClydU0rlt_tZMPJioTGDdWKDGHM03wRzf2OidRdjf28sHhOJ81CmGgFp6Ddb&cid=CAASEuRoq64RgJ6uwPjJADwzqHCm4g&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac6702770-9efb-ecad-2853-ecad9efbc670%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jan 2023 17:34:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 3455 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DB3zB0CDza2PkHdv8L5LFvYQDs16MPqPaGZUX8d8Pd30dNqWvBksfqsmr5TlvjUrad9AGLWme5tE-YtLcpkT7CPMUfJ7NAqxXdcUIB817ZpLT87_gTXRFiB_tw0TGlup6LHEtZqhmp9bovpDWiRkVP_yiPbg&cry=1&dbm_d=AKAmf-AIzDSLxPMKZinIk4N2xfVidEFX0GrGu7RfsH-5F8g3Dk3qCVQMqui4WlR3zmMb77AkGyEsZ_QW6zseBVZQKR2AN-TH91eJ6A5ZfOkBEa6BcrpyzFpWrB6qFoPQ8BNaZuPghVJ6e3lyLmaWFnKvJpXDGWDNYwzdgigiO8dujAGePjFYgOVg2E3gJi4Xnsu07Ysl7LAlXMuEJCpNnDtQ9pAsNqO9E97QpkbjwAI7GfvEu41v_9xn7Yy7opQ1AH_1269EoNkNBF-N5ayWf_Q8e0gXiyVUNdKOyAR7YjFhhrGMc4hNB5Qo7MFnH_r1llk97pUGplbZlsJWZ9LL-ejBialqTFTXsBfmGAkZIfWXTUDjXHJ6sCmE5YbMNd_umosi_h6OpgHIkQM66LNO9858OuqsSxnla4gVVzTtPtT1TQn0eONB5m69Rce154aeMqbCDHgS5zH1vRmpHDBvDrAWYY_rM7dl9DXaz2wCNTdjbmobrrxoSBUK_CnQlaI65BCJJpue4ngZM3XpO72pMYK1YL3rdxTkTNITrus75LITWSJn9BGzjMWpVV7ignNuW_t7CgeJA232faO2OrvnRv765J-wduGD5qreVr8EgUMhFJ3Zl38zqH2Skn94g5lWh5IQc9UzfF8SLS6cODOcauRUnfhNSdLMNyEN_2dgL9KLzaAcldIrdZcANrTEsyqwC6Dqx4E6qMc4FlHaakhwZAnjRbpa4pW4m119xqUZvGVYhZLnNC7dG8E5hwjCgAg-jHzcEZApGdBJxoC2bDSJnhfWEnbF6TNmPKjux6Pt7za0dft6WDwZg1hr36bCDih5MgFEMBeVKM1EtELi_qwYNRe_1vfO0rCXuUCAQ6A1ttKd-DSY5N6Amlc7RLep4vgpO3L3NaIqGR_uFhO6yUouMvqbyb7VDR4MId2SuxgWAmPQFX2J24v-emhwkGbG-aDiOzKrWdA9cwmjUqu15S4Ik4buXaSX0UJ6M9NOpVqJ7DY2-PkpQ3kY_oZB00j5qmBF6-gNA29R-mgOLHx4cCuPyxEJsBxQ7LWCHX_Vok5xkOsaCeW0NiYxilvBSSwjSHEH6-bHfhyEb5LutxQGl1KczNuqu1kcPmLmT9V00OkcRY4d-YCr0rwafv_33FV1ihN5RjxdKeKCDtWp1HMQPxHvU1oTysI6RMDMYQ74qp2doICsYyLcn_-Ci08iycEE6vLbm-gIZdBQjriPZ9hQe3-VRHpXtstWJiqy3_qgyFwXuN9snY3FN0nl11huSQvDYtR09xAcc5p4nNimND7eG14SIAAoBm1g4yM15Z86gm7DA6YyDM3dzh55uRQL3NQTj8zDDfFabR4iRvedpChRxAW-GxE-e6II7qwdKlmH9aIhiYPb6SjB2g8mL_D6Ea7TxPDFzZbeWeyOIX-7mIUDObooTTFUBxbBM9ZBdrRGf5eZod02cxFfklZN7jmNxb1NZV0-Ss2u6BNRzENKgdBPqn_NyhUIyPBhZyAi-4EM4xy_4TkKpkKXps8TtlXFn1TF9k3maO3J77hXtFhrt92x3x4s4qK9H3I8rqG0K1a8dqchsAaz3xFkGvZTBC8shHwGj8t9ClJEMUsm55GbFSNy6tzZ1v0rnyjq-dQWoNe4qS3zk0_bj3bq4nJmnikVwLYF5CfDp5pqox-H-RYD-gjpqOHl29AY_1kDLmofIpG00pTlTydJ-WUGfkCwqLXmkwT8T2s9Rsuvp5dL45WAjQqKjvgUOlOstiu32Byoa8dhTgdkiAB5ijktF_0KAdFI18FgqOvh4OF-V5OpI_IMYb4V537hIoewaAsYRPhINIQ_ma6BV4ct5_XslrOb6j1GHF5vWjw8kZMdeBRoWHjM91RQhZXJhKs1G26NqFpS_fX6XGENIxFA8wWrR1jnPwVhWipcXuwT1QUbDsN-SdS6c8Yz7HSnu6lYIJNDpgGz0cg232O2reSe8G1blPvEwVR6oueP4me9b4hWYQffMtZHQ4wWXmBUdEXm6Kn1C02jbU-TgbnM1-DWhg_0bfyF9v5H_JeHLuEqUGwjPrWxdGknY7wFmhQlIhKdLNRp7Cr5CbE-tGCHuhLJQFoGH4sgFonVL9JINIlcgHPyphNS9syyx1ia8Fy8g_QdK8jmtOMvXqq2zjt0R1qS6xfQ4L3FmjXT_IZSTqMJo6P_ekGT8blgH2F5G0x8AvONH08PbIsGX6TCe0rym6G_SvT8F8wCRQEYhnc1j_ZWRUQEzheWn9Z4pHGZZxv94XXYdIPUuTANc0o4iB4ALEPVPFA9smb-cyop5XlaXCf9iaiUYiMsFEUqrU5Irk2mwg1WAdudcsHZkkvdaS5tTs2uLpUhXpZf3xDoLmLaW5lP4iArxf9gyqaq8l3Pt26CffVRTYCHTI5GdK88V6vIbe7hYSwKkFG1KU8M5JidjBhiiKGUc3XDCQfqObx9jc5APNzCw5WBRvciN8AfTgQuxfkMANNDSPYcvkybj2yP6MHe7mPThmV7mZ47f-3DJ135z_QRowp4uKzoU26K5xsPIIbm9h_0KdIzdw6yIKnfyBdJFI8UaY2KtUTiyocuFfhTkfJVuEwnr7bT4erU3MJT3XWzz2gFc8QBXbokWSufXeEpRYqipXo3688Qj-WA4D3nTBdFKwMUiggVIaiL9izVucF_2do4ZKksiWPJT7_-FhSOdXBqLIaTDCK6heUAholZ3TeqP90RnjAK7xEVHE9TYDEq6-2xHC46UavO5lQhnWx994UlwpmSRYAduMCanW8u-g_5ylf33rFQQOw2k525RzU4oj3cswaA8vsQtTdZFUwtaAgc-rlsRmJV-46hIPe4brBdihoNw6A-dRcUmyTPe_ykG7EBXVwsj3ERnSFIuY_UZMun2AdxhsdhqVLULPB3xMizx9E51-tjpm0JVRkL4yzGJ7fhibhy3TybC3IpVgJKHYkjWPqUUClv5l75t7pwX83bYgrxl7oSpcCAOyNEgwNyE0unxTrPnlipJlUIOAKIfoEv7cJVQ1WzOVKxCFj010pOXM-sco68q_10Xy3xQXriLA539g9OG-lKIAtVQXdk-01vsftUjK1tBQX7VEsHQmN_g6C2M0_fK5VYuVDYO8P4ieeQdAVlI1yyxxs51CbxFirxLNM57LHvhoSHJGjjlxs2js4P6N4eLYnFUtNgnetmpPx7Jnhv11AgnIcU59kjhqzUMx8qcndFKOA_2YUBCTHSBfVdLwYFbo-fEmhSFJtLynFYPzbEhLS9D4R3e3XxZz8RIKUybKT8_lz9lWGMgGzaYZwfNlPfcCibWmLzY5BVRdlUfdMfq2M&cid=CAASEuRoJSixtQS35i58ubs8cerdrg&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac670221e-9efb-ecad-2301-ecad9efbc670%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9288
x-xss-protection
0
server
cafe
etag
5602277676122011250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Feb 2022 19:49:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3455 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DB3zB0CDza2PkHdv8L5LFvYQDs16MPqPaGZUX8d8Pd30dNqWvBksfqsmr5TlvjUrad9AGLWme5tE-YtLcpkT7CPMUfJ7NAqxXdcUIB817ZpLT87_gTXRFiB_tw0TGlup6LHEtZqhmp9bovpDWiRkVP_yiPbg&cry=1&dbm_d=AKAmf-AIzDSLxPMKZinIk4N2xfVidEFX0GrGu7RfsH-5F8g3Dk3qCVQMqui4WlR3zmMb77AkGyEsZ_QW6zseBVZQKR2AN-TH91eJ6A5ZfOkBEa6BcrpyzFpWrB6qFoPQ8BNaZuPghVJ6e3lyLmaWFnKvJpXDGWDNYwzdgigiO8dujAGePjFYgOVg2E3gJi4Xnsu07Ysl7LAlXMuEJCpNnDtQ9pAsNqO9E97QpkbjwAI7GfvEu41v_9xn7Yy7opQ1AH_1269EoNkNBF-N5ayWf_Q8e0gXiyVUNdKOyAR7YjFhhrGMc4hNB5Qo7MFnH_r1llk97pUGplbZlsJWZ9LL-ejBialqTFTXsBfmGAkZIfWXTUDjXHJ6sCmE5YbMNd_umosi_h6OpgHIkQM66LNO9858OuqsSxnla4gVVzTtPtT1TQn0eONB5m69Rce154aeMqbCDHgS5zH1vRmpHDBvDrAWYY_rM7dl9DXaz2wCNTdjbmobrrxoSBUK_CnQlaI65BCJJpue4ngZM3XpO72pMYK1YL3rdxTkTNITrus75LITWSJn9BGzjMWpVV7ignNuW_t7CgeJA232faO2OrvnRv765J-wduGD5qreVr8EgUMhFJ3Zl38zqH2Skn94g5lWh5IQc9UzfF8SLS6cODOcauRUnfhNSdLMNyEN_2dgL9KLzaAcldIrdZcANrTEsyqwC6Dqx4E6qMc4FlHaakhwZAnjRbpa4pW4m119xqUZvGVYhZLnNC7dG8E5hwjCgAg-jHzcEZApGdBJxoC2bDSJnhfWEnbF6TNmPKjux6Pt7za0dft6WDwZg1hr36bCDih5MgFEMBeVKM1EtELi_qwYNRe_1vfO0rCXuUCAQ6A1ttKd-DSY5N6Amlc7RLep4vgpO3L3NaIqGR_uFhO6yUouMvqbyb7VDR4MId2SuxgWAmPQFX2J24v-emhwkGbG-aDiOzKrWdA9cwmjUqu15S4Ik4buXaSX0UJ6M9NOpVqJ7DY2-PkpQ3kY_oZB00j5qmBF6-gNA29R-mgOLHx4cCuPyxEJsBxQ7LWCHX_Vok5xkOsaCeW0NiYxilvBSSwjSHEH6-bHfhyEb5LutxQGl1KczNuqu1kcPmLmT9V00OkcRY4d-YCr0rwafv_33FV1ihN5RjxdKeKCDtWp1HMQPxHvU1oTysI6RMDMYQ74qp2doICsYyLcn_-Ci08iycEE6vLbm-gIZdBQjriPZ9hQe3-VRHpXtstWJiqy3_qgyFwXuN9snY3FN0nl11huSQvDYtR09xAcc5p4nNimND7eG14SIAAoBm1g4yM15Z86gm7DA6YyDM3dzh55uRQL3NQTj8zDDfFabR4iRvedpChRxAW-GxE-e6II7qwdKlmH9aIhiYPb6SjB2g8mL_D6Ea7TxPDFzZbeWeyOIX-7mIUDObooTTFUBxbBM9ZBdrRGf5eZod02cxFfklZN7jmNxb1NZV0-Ss2u6BNRzENKgdBPqn_NyhUIyPBhZyAi-4EM4xy_4TkKpkKXps8TtlXFn1TF9k3maO3J77hXtFhrt92x3x4s4qK9H3I8rqG0K1a8dqchsAaz3xFkGvZTBC8shHwGj8t9ClJEMUsm55GbFSNy6tzZ1v0rnyjq-dQWoNe4qS3zk0_bj3bq4nJmnikVwLYF5CfDp5pqox-H-RYD-gjpqOHl29AY_1kDLmofIpG00pTlTydJ-WUGfkCwqLXmkwT8T2s9Rsuvp5dL45WAjQqKjvgUOlOstiu32Byoa8dhTgdkiAB5ijktF_0KAdFI18FgqOvh4OF-V5OpI_IMYb4V537hIoewaAsYRPhINIQ_ma6BV4ct5_XslrOb6j1GHF5vWjw8kZMdeBRoWHjM91RQhZXJhKs1G26NqFpS_fX6XGENIxFA8wWrR1jnPwVhWipcXuwT1QUbDsN-SdS6c8Yz7HSnu6lYIJNDpgGz0cg232O2reSe8G1blPvEwVR6oueP4me9b4hWYQffMtZHQ4wWXmBUdEXm6Kn1C02jbU-TgbnM1-DWhg_0bfyF9v5H_JeHLuEqUGwjPrWxdGknY7wFmhQlIhKdLNRp7Cr5CbE-tGCHuhLJQFoGH4sgFonVL9JINIlcgHPyphNS9syyx1ia8Fy8g_QdK8jmtOMvXqq2zjt0R1qS6xfQ4L3FmjXT_IZSTqMJo6P_ekGT8blgH2F5G0x8AvONH08PbIsGX6TCe0rym6G_SvT8F8wCRQEYhnc1j_ZWRUQEzheWn9Z4pHGZZxv94XXYdIPUuTANc0o4iB4ALEPVPFA9smb-cyop5XlaXCf9iaiUYiMsFEUqrU5Irk2mwg1WAdudcsHZkkvdaS5tTs2uLpUhXpZf3xDoLmLaW5lP4iArxf9gyqaq8l3Pt26CffVRTYCHTI5GdK88V6vIbe7hYSwKkFG1KU8M5JidjBhiiKGUc3XDCQfqObx9jc5APNzCw5WBRvciN8AfTgQuxfkMANNDSPYcvkybj2yP6MHe7mPThmV7mZ47f-3DJ135z_QRowp4uKzoU26K5xsPIIbm9h_0KdIzdw6yIKnfyBdJFI8UaY2KtUTiyocuFfhTkfJVuEwnr7bT4erU3MJT3XWzz2gFc8QBXbokWSufXeEpRYqipXo3688Qj-WA4D3nTBdFKwMUiggVIaiL9izVucF_2do4ZKksiWPJT7_-FhSOdXBqLIaTDCK6heUAholZ3TeqP90RnjAK7xEVHE9TYDEq6-2xHC46UavO5lQhnWx994UlwpmSRYAduMCanW8u-g_5ylf33rFQQOw2k525RzU4oj3cswaA8vsQtTdZFUwtaAgc-rlsRmJV-46hIPe4brBdihoNw6A-dRcUmyTPe_ykG7EBXVwsj3ERnSFIuY_UZMun2AdxhsdhqVLULPB3xMizx9E51-tjpm0JVRkL4yzGJ7fhibhy3TybC3IpVgJKHYkjWPqUUClv5l75t7pwX83bYgrxl7oSpcCAOyNEgwNyE0unxTrPnlipJlUIOAKIfoEv7cJVQ1WzOVKxCFj010pOXM-sco68q_10Xy3xQXriLA539g9OG-lKIAtVQXdk-01vsftUjK1tBQX7VEsHQmN_g6C2M0_fK5VYuVDYO8P4ieeQdAVlI1yyxxs51CbxFirxLNM57LHvhoSHJGjjlxs2js4P6N4eLYnFUtNgnetmpPx7Jnhv11AgnIcU59kjhqzUMx8qcndFKOA_2YUBCTHSBfVdLwYFbo-fEmhSFJtLynFYPzbEhLS9D4R3e3XxZz8RIKUybKT8_lz9lWGMgGzaYZwfNlPfcCibWmLzY5BVRdlUfdMfq2M&cid=CAASEuRoJSixtQS35i58ubs8cerdrg&rfl=1%2Chttps%253A%252F%252Fstaging-dbr-pwa-posthaus.ecosweb.dev.br%242%2Curn%253Auuid%253Ac670221e-9efb-ecad-2301-ecad9efbc670%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jan 2023 17:34:02 GMT
setuid
secure.adnxs.com/ Frame 5D1C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-Rh6RMVor1Uyo2aT16hvnsDynyrrl7GjeInYmMg&seg=95287
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
08513944-adf7-4b99-8bd0-68dbd1caef09
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
397596.gif
idsync.rlcdn.com/ Frame 5D1C
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=gtWTm_d5g79LvQLwT7O7CTkvGx-BWaSJ
42 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=gtWTm_d5g79LvQLwT7O7CTkvGx-BWaSJ
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=gtWTm_d5g79LvQLwT7O7CTkvGx-BWaSJ
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3126
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
spp.pl
sp.analytics.yahoo.com/ Frame 5D1C 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 27 Jan 2022 19:51:34 GMT
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 3455 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
25d7dc5aa3e710644edbf10667c4bc1227c4deb84da2314bb0c7aca228c8f4b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3931
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
k87fl8jofdhz
hal9000.redintelligence.net/zone/ Frame 6680 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/k87fl8jofdhz?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3e84b01a19ac7035d8eb600f523ffdf05f8e6fd4ee6d09d4a3698812de4fca83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3920
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 3D63 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
25566d3123c1602708a1a9c51f4aeb398f58de228626d8f9ce90f1de734d0d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3924
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 9418 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
09dfdababd4f3eb1acc2ac9b8817c156f1c41ab13546438a746960db1f051d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3931
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC88 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 18:36:02 GMT
expires
Fri, 27 Jan 2023 18:36:02 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
4532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2537 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 18:36:02 GMT
expires
Fri, 27 Jan 2023 18:36:02 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
4532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5876 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 18:36:02 GMT
expires
Fri, 27 Jan 2023 18:36:02 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
4532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0771 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 18:36:02 GMT
expires
Fri, 27 Jan 2023 18:36:02 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
4532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 5D1C
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/IQGHf7jwtW1fwyr4cBF_YU67FYXjQ__6/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4507735809063745101
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4507735809063745101
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:33 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3843738
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=4507735809063745101
pragma
no-cache
date
Thu, 27 Jan 2022 19:51:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
request.php
hal900015.redintelligence.net/ Frame 3455
Redirect Chain
  • https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
HTTP/1.1
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
daaf43c79a78185d04589b7b3ef5348f98beba8e3edf78069418524cb18792f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
43952400224573300710584011852015
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1263
Expires
Thu, 27 Jan 2022 19:51:34 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
request.php
hal90004.redintelligence.net/ Frame 6680
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
HTTP/1.1
Server
138.201.63.116 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cb9070527089033a6a03cfa6dfdaa990dc773b5659cc68fc907f773673d2562b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
51134500273550600710580011852004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1262
Expires
Thu, 27 Jan 2022 19:51:34 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
request.php
hal900014.redintelligence.net/ Frame 3D63
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
HTTP/1.1
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
9de2021984ff9e363c836f1f22aeed71a60a828dc57ac190995f92f143fd8f60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
92233500244512200710584011852014
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1265
Expires
Thu, 27 Jan 2022 19:51:34 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
request.php
hal90003.redintelligence.net/ Frame 9418
Redirect Chain
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
HTTP/1.1
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9d3e7b451fee60bcf5ba024566a2833a6acb01b42e5e8fff194a575a9a1b4cc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
10227400239371300710584011852003
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1311
Expires
Thu, 27 Jan 2022 19:51:34 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 0771 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 2537 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame 5876 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame FC88 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F36C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:810::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 17:35:17 GMT
expires
Fri, 27 Jan 2023 17:35:17 GMT
cache-control
public, max-age=31536000
age
8177
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DB5B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89468aa9c0c7c94e7ccaeaf3a594f4c16c96f9e4db6137bb723b9544f4b7954a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KxteM6gEtMYTLBMHkPp+bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 27 Jan 2022 19:51:34 GMT
date
Thu, 27 Jan 2022 19:51:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-KxteM6gEtMYTLBMHkPp+bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adv-srv.office-partner.de/ Frame 4B73
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:34 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 0B35
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=43952400224573300710584011852015&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
914 B
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c5a4ba5e0b4c2085dc57c96897f9d41aa78540a4196bf45003590a21f0a00d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44843dd8ce9128-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 3455 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=43952400224573300710584011852015&nw=1
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
7a6c4bddc35468138fa47f8f1f5d6cb90a9f9adbea24710b7373b89970d1575d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545
8019191.fls.doubleclick.net/ Frame 9467
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545?
391 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545?
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
77c753ede714812ca10e0b8a6f64e806aea2b9cc358a4d1e533e59f6b4f83f58
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:35 GMT
expires
Thu, 27 Jan 2022 19:51:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900015.redintelligence.net/ Frame 3180 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=509212252e&subid=&uid=be49efb5fe265a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCiWYfxffyYZmpJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AOmmpk_NFJ_PQN8OKmeTcqhfls4se62yBkR87oaaeqOVecZvqUdhc-t_thHb4ZP5TzAFx6ryAOYn2D4xzSVJrFYoo6ZRvivHBwpvhJrYQPB15J2Q5vu4Gqw6a0IkxrZTpmEuO9wvXfsfI4_5ymTRwZzi9k9-EvXB9OCjcin3uM_eJvhUm-R7cRFfJzSygL_vNyoDsjGdBCdEsZrg0HHi5V3oT8MwnwjV9HLNP5deL_cUJ9ApZ52Cs7PYmNO6WpUuctN5OnmuW9n8nGs1px1Om412rne9K50BEFFZ3Bnaz-xyPBSNpEMGl3zBQ2BoYdw_26FXdcr2kC2ieDHgLOKCFLjScQcxA4nDZm2CbvSECOO94OhUUA1YL_wAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJSixtQS35i58ubs8cerdrg%26sig%3DAOD64_29NHbe12cDDK1Sh6c4hdxkxuzCzw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C4MlwFbTp4nlD_JTYQm6zAQeEQnbc_B7fDWzJH7bEzgIiQCyMW0fXuPkb7z9U6WCI7p6buV1ETHRDCEiM9F7eNb60MlgP49TmAjAhxd9B4ZxKKMbIZNAGBhfKgqL3SG3JyOTZQjBMVr4xucIadhDLC7uARGw%26cry%3D1%26dbm_d%3DAKAmf-AfIS2HlK6CczTXcw56BLFotj8b5yEOLOJiuxmNPddNYqcsG411khbCriutXL8ql4q7UWC1dN0lrwKq5cUjP0Fw3YpnAAaDmMgyyk6Icwi6mYtw_m8dYWKlHqsHo8ml-XnPZWqsCv6yAKd8lnCGCc6pqaJefF-P5AcPMQAsmSEbOqdxRnIfI4-GAnBnfwX64u9qGpduVAUkEpEBtSyQEnj4-QPVyLNwL9xmnQQmjfLobWRKmtvL7hu50myWf959OZ-eDqN2iXed9oqOptmTl24W9VrxpgU9oGsfoe68iwRmjFCE_IFWSkqXYVrN763J5nXEZtsSQnHHgra8YlNkZaSOs6WM2RVZGv2Rwq7FLrUZez_t8l-dXCkFUyP-msNDAPB5vHcD7siPcfDLYNzwOfiaCh3UVRQ2TNTni4FIe1cyNN9maz8%26adurl%3D&documentReferer=urn%3Auuid%3Ac670221e-9efb-ecad-2301-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5758611964652&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0b7e5aec1bf22f9d5502c0a076cb17209621e5f51ce399a020e6d280b7a05742

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2074
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 3455 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=43952400224573300710584011852015&pv=1
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.170.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-170-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9D3B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23122
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3455 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f14bb5c3207a07c68b19decbc9b938753767535c2c1914da9cb8b2be6536b21c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame DB5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=645188121543134&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
/
adv-srv.office-partner.de/ Frame 419C
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:34 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 059F
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=51134500273550600710580011852004&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
914 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5e038b36adeb2c744322952e5fdb4a6f57acaef5b1109e480bce66c040efbc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44843dd8d09128-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 6680 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=51134500273550600710580011852004&nw=1
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
f0de46f1ef430bf7d10806626320833bfb4909d0816538fb49de204620cf7158

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1231
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299
8019191.fls.doubleclick.net/ Frame BA33
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299?
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
1aedf020291a2524a57e0afd748a2a08189a2c59c8e6f94fbe8ee8776b1014b8
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:35 GMT
expires
Thu, 27 Jan 2022 19:51:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90004.redintelligence.net/ Frame 3AD0 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=k87fl8jofdhz&nw=20&renderingType=javascript&namespace=ca962d47aa&subid=&uid=012cb1d7e70e7ff3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpBtWxffyYZapJteNrAS6yLyIBY_g-IZT_bGLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJMCT9AhPdzz5TWhDB5J4PH-EERxYKXpz53P4o7V8pFrNYUsiCE7SwAcknIkGeIsCeR3YLJqaRaF_TMsCHx7JGzqOEqAq7wEER9V9L4o2JncLG0urT2Yona-A6UsN1jtfKwoL9gAFkYQFvi2wY7qAbOS0ZzYTJaBCYHOtkCaVU9WpLL08B4sKz3b1fExvmd7c4MluqDyMQf1LCL7WHXnmxz6zTnfKE0SvdzGIN8LZtIGYmcOwo1KNC9sASzvkprmnv-GT4qHVINI9IxaRQQMD2xq29vaOy_M_qGnjrcwFbIgKghvbpUjOYELnontMfRvvtRFW5VZF6Z3RT-lyjv5gzg3KZQx06BTkiA4rbftPVszeDaGdEXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoq64RgJ6uwPjJADwzqHCm4g%26sig%3DAOD64_23iu-Rvt9R1oVOVnvOr9kTeC6XIQ%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-AHfDgiM5KJySguWxOOYHbGw43ukJ9GRZvjztbK5kVMJyVE9mZzeAXPTaAsFVzIqs6ZnXWkbEH5LszqfSTTo9v_XbN1uxJhIHDfKdmz_2ppCkQzUrSeG0zymxDqgrgluzoX7JT8H-DtoAEy39O9U0gtLCXYuw%26cry%3D1%26dbm_d%3DAKAmf-DLKoJ92Q0YzbqzkkZS-3U7pRhYtOfi15GfRnBzZQ6RsI6rR__hXMHbZg7zWEOIIEVDFKF0sS3Rh4Djf80J1vX6Q5JaLjtEDWe-mR7FfXHb_zl9g0Kw4XalMwNirScc8-K-JY007sTeo1fwFftwAALyk1V3LHNcQh2v7pQY63aA9aMx2cZoqV0OwaZRb8LwFkDgVdAWnyP-yi0uxmYw3TTZkS2uYnIuGGHYdcWZZYO2z6ZhgXMX0afy0NSbHwWywmZRiWn_iLHWhrsbYQl7oecRG_bpgg6U3wNgFGBMc-iyZgVaLLSvGWeOWqwfCdngg64Qys6IeMXt1aajhXCBxgNUS7QL--zi1CnbxGz7qu2ebfTvbmgHJsXDVxjx22ep8njY_A5_DvdY8OpPwFbIcCZTFsa9VHv913GQR3G3Q241r-koG9E%26adurl%3D&documentReferer=urn%3Auuid%3Ac6702770-9efb-ecad-2853-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=5816084549093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9ef9c7fc84c9e8ee640336cc71ad7227f109bbe9bc61ce624251e478aa0b868c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2108
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 6680 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=51134500273550600710580011852004&pv=1
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.170.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-170-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1F6A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23122
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6680 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ee3092d61a20c306ed5e87a9efaf4ce8e5481972ecdbd15027ec9794af6a5ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
adv-srv.office-partner.de/ Frame 7572
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:34 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame D8A6
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=92233500244512200710584011852014&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
914 B
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a32386de5ea4faed6268eb9d003f8356e544cb1d000cb572ce22a35f4876f9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
last-modified
Thu, 27 Jan 2022 05:01:11 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6d44843dd8c99128-FRA
content-encoding
br

Redirect headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
11
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 3D63 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=92233500244512200710584011852014&nw=1
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
15524ee5f7a61cf96454a05a43fd97edbdee2c202653b96116f26f7e507e1654

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549
8019191.fls.doubleclick.net/ Frame E398
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549?
391 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549?
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
223ccf9dbd4d2c4cb623630faf509d8f16a4d083d1baff66c3958629b704bb30
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:35 GMT
expires
Thu, 27 Jan 2022 19:51:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900014.redintelligence.net/ Frame 43BA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=48f44af46d&subid=&uid=a93325b1694e8c03&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-WagxffyYZipJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9AMyCqfFPjsvu4CUpwtuOTdxJRdIvlc3UsTDl3_L4DAOQb2PoubBiBtAfc-uwGQ0WwnEq8V7U_fLsvWvPM1N-uijwt4JfCGRFiGJYrt_569P9azhpuUQWm_IVMaKRFFRxWP_8gKKG2_hEUMtZIE7LIiEu4QvY15gXfH2lU-vNvWydD_ld6Tov4hIzC5yiiBQzblSNg1cAz8k8L1Glfht79BCGMHopLo55J9AW8KldnojrhS2dvGUVHsWjV8MJmG2_hGkyWFcs8780wHTiy0YQGnaNEkK2vgYicP2bq-Cejhs4mYRQbaPVTpiCOaRDGzwY_7WgXk7K4ye1UaVbswAScCb31lPEji3rBGJSRr5DnQugIJHRZdGkXSwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoB4_PoWckOYWtdrwIe2LBIA%26sig%3DAOD64_32nfQ8piXwh0So2f3Yht42aDXZIg%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-C2yem6BYNuoFkXK0DJJU42R9UC0u5M1Dg3g-2xtdWV3iDZqbGlaTHqQBiyRyVL3tk0lIUHJF1VNfPywu-Yja0Ny_VWB3u-b3-XBBSZp8JmIc29FsoRttsW3kSiDwC80NWac3gN6AbhcW_0cnbiObI7-HJ3zQ%26cry%3D1%26dbm_d%3DAKAmf-A5WO6pQx685vbUkYcPUzfcX8udCaGQAgue_emd7S2VqoSN5QGTxRl5hsZwOpUP7yTXsthJK9ZoXtmFY8pr6MAmX0ZJXiWru30zL-7nlFX1zSJPPQfnsTzRKyqrkaog1USUA66DqxJAFkrCdeHGbB40tpK8wC21S-mWxpVPBveGPBr6fPk21CRzbgQ4MOP4sSEv7CgaDXEcw0aBUl8Y5grcN3ntreHgBVYd36zfPybsiDEfI93K6cmBwprqRlXfzD1JKRZveCKf4hrzktq980DMbnP61I-3g0bUxOASN5GSrj1rws9xlLFjE-rJUenaNiqoieCapssxNsWAz8m9fQSfmMUSB-HPYNberfyW7gHL1u6kCp0nbjsnjxrWi3nzfNnQrM4DLGxP6I73K_p4WpioD7O3_izx5XCr_wbCJqHr2-7v6O0%26adurl%3D&documentReferer=urn%3Auuid%3Ac67023e4-9efb-ecad-24c7-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=8068157385439&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
2d830f64601ac1618901c7f019cdfa32c9e92125446a4b0bc62d8559fec908b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 27 Jan 2022 19:51:34 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:34 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2064
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 3D63 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=92233500244512200710584011852014&pv=1
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.170.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-170-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E9A1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23122
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3D63 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41a0721c9b6ded37de01411d45b29a274d2fa94558ff36013277ac54452d30cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view.aspx
pb.media01.eu/ Frame 21F2
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=10227400239371300710584011852003&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=10227400239371300710584011852003&actionid=731824&produktid=businessgiro&dt_url=
0
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=10227400239371300710584011852003&actionid=731824&produktid=businessgiro&dt_url=
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 27 Jan 2022 08:51:34 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 27 Jan 2022 19:51:34 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=10227400239371300710584011852003&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9D59BA2:B18A_91EFC182:01BB_61F2F7C6_1190C070:297E9
X-IPLB-Instance
40028
Cache-control
private
/
adv-srv.office-partner.de/ Frame 419B
Redirect Chain
  • https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
  • https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
930 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.1.80.163 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
s17177.creolineserver.com
Software
nginx /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
keycdn-engine
date
Thu, 27 Jan 2022 19:51:34 GMT
content-type
text/html
content-length
162
location
https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
expires
Thu, 03 Feb 2022 19:51:34 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 9418 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=10227400239371300710584011852003&nw=1
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
b67c8df9c85e5d0cc79b818c8ba67dd5b5646170488d095097c20152b590ba68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1233
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616
8019191.fls.doubleclick.net/ Frame 4388
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616?
392 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616?
Requested by
Host: staging-dbr-pwa-posthaus.ecosweb.dev.br
URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
bb54a1ca8d95e65565fca53231136966271351688dd019e0c67916b66fd818ef
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:35 GMT
expires
Thu, 27 Jan 2022 19:51:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Jan 2022 19:51:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90003.redintelligence.net/ Frame 128C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=f0adbbf538&subid=&uid=75c1449622dce912&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCz4hzxffyYZepJteNrAS6yLyIBY_g-IZT9aiLpMoM8C4QASDQv-44YJXikIKgB8gBCakCzqLv4K2wsj6oAwGqBJoCT9Bgo2myg-OIerS8rug34jgri2mxYCz6TOh06_wJPnY5fM4k9DwzCIaAvwlbNDzFQRUxpBTcw_MgaPvbEgjA7v3d4EFFBAfAD10KinHNWZqOP9_v6MDvplCbknY5J-yMUx7jTJXooZFjsLBw1m06hW0oaY27h0ByYBQJeE91_-tfl7oJwquFpT79muCu7Xhog6RnTR6GkuBRZXIqkOXvctRj6wwqoRJWZXL91Ei4ZRXhmlxbaadysDqF0R5bp4faJnsvjG-LfB8yATqqTWpWFjbgAoYO6d6LnH3xbDJJMlPs_ME7DAJumYpjFBO-N5nrxfXP8Wbk7YFagkqRKg4gep447XHDvu0zSfXChWyn_BOxEue01xmsrXkgwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoFx8OlyEdCBDBYQEXH1cOag%26sig%3DAOD64_2IVTVAz1CQigufyK0sEkLaOzS8yw%26client%3Dca-pub-9251952816162284%26dbm_c%3DAKAmf-CiRGis2U4NsCCwT6zn-UQYITDnDQ23i9Z8GAE_RJN_su9Xjc074LMmJh33377YphnCbiA2YlcO3GzvRgHa8YEAzLD-B0yBvQaWZmBvdCxMMFvkIX8EdZMJsF3b7mUHjF15TWPkpK1C-qoDxqkyn8RwcHlyww%26cry%3D1%26dbm_d%3DAKAmf-C-9RXdFWQx5orRQyb99hvngFmnwT-GSbvQVLyN6dp02jZ3kBOkPAIqCzWxg-whnoCOPFVDKUaU8CzvrdAirRWGKRWmiiSggre3ptwNRfTBGIeT4Eml4tmkFVFrtwW6sxdS8LZElmODM_kwKzKHkrjA1vUO0qLkaRNrk1WsvC6LiPykD2JBE9fMnZdSkXCYItOZFC9mZfFwEKnVUSNZOyO8EMPlH3iMCE_yzE8tyHRojLBOia7dcxMppli4oYNZs5_HvqAQfnBFwQeU0XcrfoJ7ct6n9KQ0qj-0WU8kZSakYTXq78rVFsljYBbWdOM0k33nfDBaEqDS8v8K-OlHoc-XDzKPjwvSHl9mBZ8IcAi2zYfHfHkLbcl5QRjyu0V6NG-Dm9My5NNSOlcwjOeCiOq9l3oF8LvjKAkarBSWHxZ822-VD58%26adurl%3D&documentReferer=urn%3Auuid%3Ac67025aa-9efb-ecad-268d-ecad9efbc670&ancestorOrigins=https%3A%2F%2Fstaging-dbr-pwa-posthaus.ecosweb.dev.br&random=6272253541888&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
06a07fb091c0101fbbeb34d036e1f88cb48a614ece9758cda145762cd6867de5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 27 Jan 2022 19:51:35 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2026
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 9418
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=10227400239371300710584011852003
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:56:57 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
B9D59BA2:B18E_91EFC182:01BB_61F2F7C6_1190C071:297E9
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame 9418 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=10227400239371300710584011852003&pv=1
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.170.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-170-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:34 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 49B0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 27 Jan 2022 13:26:12 GMT
expires
Fri, 28 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
23122
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9418 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b0f10808975bd483784cc8fed43fdbb331c09ad1ce1eff16a9d165441353149

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
pagead2.googlesyndication.com/bg/ Frame F36C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 15:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13575
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jan 2023 15:21:58 GMT
css
fonts.googleapis.com/ Frame 3180 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:17:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 3180 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3180 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3180 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f8938364a937bacb16c27dd1f21d0d7c9e814b1e60ce0ada4b7e5b70bf99a280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 3AD0 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:24:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 3AD0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3AD0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3AD0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f8938364a937bacb16c27dd1f21d0d7c9e814b1e60ce0ada4b7e5b70bf99a280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 43BA 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:13:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 43BA 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 43BA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 43BA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f8938364a937bacb16c27dd1f21d0d7c9e814b1e60ce0ada4b7e5b70bf99a280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7156
Vary
Accept-Encoding
Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9D3B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC3F6f9kwsNKZbGtAa6ymds&google_cver=1&google_push=AYg5qPIbZc3P55zNfOjiMAif-7AR4ojzn7Xw0gkvs0yLRUou-4H0EzQu7F1cmOEOGyVRmsQqggF3UQQI3lGasaWg8UfI1UmeAhg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUwNzczNTgwOTA2Mzc0NTEwMQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC3F6f9kwsNKZbGtAa6ymds&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC3F6f9kwsNKZbGtAa6ymds&google_cver=1
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Server
2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC3F6f9kwsNKZbGtAa6ymds&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9D3B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDGvOdza3wRRtVaOMalUKjI&google_cver=1&google_push=AYg5qPI70bCe7kJ8jZQjYZo5JsBmrPCp0VQeOlqmO-PYphMo6dcG9bcJsXV_A7TrH9caII2QSj0eNReiQhwZtKWe...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI70bCe7kJ8jZQjYZo5JsBmrPCp0VQeOlqmO-PYphMo6dcG9bcJsXV_A7TrH9caII2QSj0eNReiQhwZtKWerD1IPgtuqw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI70bCe7kJ8jZQjYZo5JsBmrPCp0VQeOlqmO-PYphMo6dcG9bcJsXV_A7TrH9caII2QSj0eNReiQhwZtKWerD1IPgtuqw
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI70bCe7kJ8jZQjYZo5JsBmrPCp0VQeOlqmO-PYphMo6dcG9bcJsXV_A7TrH9caII2QSj0eNReiQhwZtKWerD1IPgtuqw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 27 Jan 2022 19:51:34 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9D3B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEER_XeLFrgyfyi9ia2-m5cg&google_cver=1&google_push=AYg5qPLwCn6-6n4ZfpwT_GtfMz0Lg4vVkq-uebNKmFgSZVS-WtwWmdXUuXIHuoMY9d3k-MipHO9SJIpE9R3HTlFSX93OPy5i0fg
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
207.198.113.176 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
dot.gif
s0.2mdn.net/ Frame 9D3B 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEKCvntvKayeWVLwzJSn0sfA&google_cver=1&google_push=AYg5qPLztacL-ujikcqBWxqPt1azy4JRRMA_aU9LQg-TudMWX1seud00NzarOolXwqmaItknUhbwaBnClzS9jVAxAKaCHeyy3mE
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:51:35 GMT
pixel
cm.g.doubleclick.net/ Frame 9D3B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOmIl...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wc...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwNDYwMzg2MDgyODMxNjI2NA&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwNDYwMzg2MDgyODMxNjI2NA&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOmIlQJWYfN_Pf3SKMlWvgzE
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwNDYwMzg2MDgyODMxNjI2NA&google_push=AYg5qPJ-9r4OEPCkJZzPYtW5h14BwVpE7hnr7uwY4UoVOa1q_NUhxs2BHB5E4zpPKFBOHZtV-wcMOmIlQJWYfN_Pf3SKMlWvgzE
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9D3B
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPK6_k-fgIawA_1evERpoHAfGT5imYS8HrvRosYRZQSMhvFK3cgDdLQjtezMgFX_nLkuY4VNAloeK7qEzmrz...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6_k-fgIawA_1evERpoHAfGT5imYS8HrvRosYRZQSMhvFK3cgDdLQjtezMgFX_nLkuY4VNAloeK7qEzmrzj0yIEXfZxzQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6_k-fgIawA_1evERpoHAfGT5imYS8HrvRosYRZQSMhvFK3cgDdLQjtezMgFX_nLkuY4VNAloeK7qEzmrzj0yIEXfZxzQ
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:51:35 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6_k-fgIawA_1evERpoHAfGT5imYS8HrvRosYRZQSMhvFK3cgDdLQjtezMgFX_nLkuY4VNAloeK7qEzmrzj0yIEXfZxzQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
CIApYxRshErpRhbvER55w3rKrkr3jef40uBCGpVJUt-PoHylwmpujg==
sync
ssbsync.smartadserver.com/api/ Frame 9D3B 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFeoa3H9koxPPjXAaFhjND0&google_cver=1&google_push=AYg5qPIvYuLeZcFdHyB7pMNWwp1q77OqX89BlEcdwnO4NJmIpX6CRU0sZnj9KtsbK__GBOz4G1Ftnx59GVVzggj8Md---WQCP0o
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9D3B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lgg5SQxlwW6W8rQMp24EUHYKlp1PCSA7G-wwYQH1R4s76D_Cv2hDHRniuXTa4Hhnv0RMN2
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 128C 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:18:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 27 Jan 2022 19:51:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jan 2022 19:51:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 128C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
eed0bff3d70e8c7847c6ee8d9613f2abbdaae38d353e4a61583416ad90362bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16465
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 128C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 128C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16817
Vary
Accept-Encoding
Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1F6A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHK3dH5gMFlN9oLxws_OdVM&google_cver=1&google_push=AYg5qPInDt-C8e0EPWeWDQ0BFFlGCPryw67vwKUyin7St68yJlSyro9KpKgy4OHTEVTQAIynlkhwSLmrRy09dI...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDY4MjY0MQ%3D%3D&google_push=AYg5qPInDt-C8e0EPWeWDQ0BFFlGCPryw67vwKUyin7St68yJlSyro9KpKgy4OHTEVTQAIynlkhwSLmrRy09dIMwT0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDY4MjY0MQ%3D%3D&google_push=AYg5qPInDt-C8e0EPWeWDQ0BFFlGCPryw67vwKUyin7St68yJlSyro9KpKgy4OHTEVTQAIynlkhwSLmrRy09dIMwT0K5UvrPz_3BLA
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDY4MjY0MQ%3D%3D&google_push=AYg5qPInDt-C8e0EPWeWDQ0BFFlGCPryw67vwKUyin7St68yJlSyro9KpKgy4OHTEVTQAIynlkhwSLmrRy09dIMwT0K5UvrPz_3BLA
Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 1F6A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9NumdgOsQp6iz6wpwj6mQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9NumdgOsQp6iz6wpwj6mQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIOOtE9g2WoXrlCONcagI0uSdOnXQUB6HD6H_KZmzwHtrMNFt5gLWfN29Py4VEnmen2OSURwiynd6XXiYVWIbhc7KqO57l0LQ
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9NumdgOsQp6iz6wpwj6mQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIOOtE9g2WoXrlCONcagI0uSdOnXQUB6HD6H_KZmzwHtrMNFt5gLWfN29Py4VEnmen2OSURwiynd6XXiYVWIbhc7KqO57l0LQ
date
Thu, 27 Jan 2022 19:51:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1F6A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKxIOuQhgknZzJiaPvcZ_E0&google_cver=1&google_push=AYg5qPIyFO_xk8ghpqVb65kS_Cf7tvoPQ283rK08Aj3PqmYqm5xnO8Fv86Z6BwZ5x33sw8XrnWm...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSQzgtMUwtNkVWQg==&google_push=AYg5qPIyFO_xk8ghpqVb65kS_Cf7tvoPQ283rK08Aj3PqmYqm5xnO8Fv86Z6BwZ5x33sw8XrnWmynLbpOL5D_GpXUERXd8p8Ul79dg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSQzgtMUwtNkVWQg==&google_push=AYg5qPIyFO_xk8ghpqVb65kS_Cf7tvoPQ283rK08Aj3PqmYqm5xnO8Fv86Z6BwZ5x33sw8XrnWmynLbpOL5D_GpXUERXd8p8Ul79dg
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSQzgtMUwtNkVWQg==&google_push=AYg5qPIyFO_xk8ghpqVb65kS_Cf7tvoPQ283rK08Aj3PqmYqm5xnO8Fv86Z6BwZ5x33sw8XrnWmynLbpOL5D_GpXUERXd8p8Ul79dg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1F6A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPI8S8zPoN_cP3ogj3uFkAlnl04HaRdzxHp8r0_xX7Cv9y3TTZauZQuH4kUQgkBnQpL4zNboOxmQlRaWtawY...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8S8zPoN_cP3ogj3uFkAlnl04HaRdzxHp8r0_xX7Cv9y3TTZauZQuH4kUQgkBnQpL4zNboOxmQlRaWtawY7Vu7314CAzvbSw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8S8zPoN_cP3ogj3uFkAlnl04HaRdzxHp8r0_xX7Cv9y3TTZauZQuH4kUQgkBnQpL4zNboOxmQlRaWtawY7Vu7314CAzvbSw
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:51:35 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8S8zPoN_cP3ogj3uFkAlnl04HaRdzxHp8r0_xX7Cv9y3TTZauZQuH4kUQgkBnQpL4zNboOxmQlRaWtawY7Vu7314CAzvbSw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hENlYdcIHXEPhm4eT-66lE5tPIqWvVM6g6hQpqsmmk3lA929rwQfBw==
pixel
cm.g.doubleclick.net/ Frame 1F6A
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEO1gHzdCarzm6pQDjF6elw8&google_cver=1&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
0
0
pixel
cm.g.doubleclick.net/ Frame 1F6A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-0cab4007-bef2-4d3a-9753-d516fd605943-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIhkOEvfC1G2fO1jsKY2...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg&google_hm=AwyrQAe-8k06l1PVFv1gWUM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg&google_hm=AwyrQAe-8k06l1PVFv1gWUM
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIhkOEvfC1G2fO1jsKY2Yzo6GEcu18mGNwcZJCpvKPrFIWaA4xivrKPykp5MfXVce-KV_k6Vb_1Bx1HdcPWZ-_SRvAfr6jbFg&google_hm=AwyrQAe-8k06l1PVFv1gWUM
date
Thu, 27 Jan 2022 19:51:35 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0cab4007bef24d3a9753d516fd605943003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 1F6A 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMK1dqyPWIbTG3vF8-elQHc&google_cver=1&google_push=AYg5qPKNPNiY3DyQNGFhnggvPs2W5X3Eo7o7J7VP4jKoeS2LkzKLhH4Bf_0SoSblSVNQG2KlZT6YCULlyAbcyIflJKmE2eDvOUsJFJM
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:51:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1F6A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaF4soGejWDO9tOLJ0Z1QAmVczZlC2WtnmHKZ9f9dZt5Luj--P2QuxqhKuqQMFUViHzf6IKw
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame E9A1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIG0WvLRZ8Fh7fjClRA3dAU&google_cver=1&google_push=AYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHM...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG0WvLRZ8Fh7fjClRA3dAU&google_cver=1&google_push=AYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQu...
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG0WvLRZ8Fh7fjClRA3dAU&google_cver=1&google_push=AYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d44843f0a9391d2-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
129
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6d44843d7f9391d2-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG0WvLRZ8Fh7fjClRA3dAU&google_cver=1&google_push=AYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsCCoZVEH1BTfHxD2BNoYA67okQlCdwNCrRR3_lZUH3h44gdG30Lh0yFMztWY8SbyaUkgjZ0IHas3ljSFY4pHZL-1tXQuHMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9A1
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHSOO8QbuIc8uZCZETJ_H0U&google_cver=1&google_push=AYg5qPILnWZry1wCYfAqL8UQpStX48i7ldGyAj-ExxGnD9MT6e4wtTpLfhjeScBOs9msdWVE_io-Sr3aqg-...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPILnWZry1wCYfAqL8UQpStX48i7ldGyAj-ExxGnD9MT6e4wtTpLfhjeScBOs9msdWVE_io-Sr3aqg-JbyuNSG_ew5kqS9YuiA&google_hm=1YeUx3erR3m-ehjeZG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPILnWZry1wCYfAqL8UQpStX48i7ldGyAj-ExxGnD9MT6e4wtTpLfhjeScBOs9msdWVE_io-Sr3aqg-JbyuNSG_ew5kqS9YuiA&google_hm=1YeUx3erR3m-ehjeZGPNMqI
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:34 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPILnWZry1wCYfAqL8UQpStX48i7ldGyAj-ExxGnD9MT6e4wtTpLfhjeScBOs9msdWVE_io-Sr3aqg-JbyuNSG_ew5kqS9YuiA&google_hm=1YeUx3erR3m-ehjeZGPNMqI
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9A1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHK3dH5gMFlN9oLxws_OdVM&google_cver=1&google_push=AYg5qPJ_9c_6Pyv-s05XUr0FCJGHj7bKyKqcYJy6QP9ylFOMj86NtfcLOXHjzNIj40Z1h5-zbX_doxubUQ4voT...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDI4OTQyNw%3D%3D&google_push=AYg5qPJ_9c_6Pyv-s05XUr0FCJGHj7bKyKqcYJy6QP9ylFOMj86NtfcLOXHjzNIj40Z1h5-zbX_doxubUQ4voTHHZF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDI4OTQyNw%3D%3D&google_push=AYg5qPJ_9c_6Pyv-s05XUr0FCJGHj7bKyKqcYJy6QP9ylFOMj86NtfcLOXHjzNIj40Z1h5-zbX_doxubUQ4voTHHZFIf9vhBwDdT1A
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMDI4OTQyNw%3D%3D&google_push=AYg5qPJ_9c_6Pyv-s05XUr0FCJGHj7bKyKqcYJy6QP9ylFOMj86NtfcLOXHjzNIj40Z1h5-zbX_doxubUQ4voTHHZFIf9vhBwDdT1A
Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame E9A1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvSQ8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB_ViweDJhWJZ6X2WD-WxEQ&google_cver=1&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEyNzM3MDQxMjgyOTk1Mjk3MA&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEyNzM3MDQxMjgyOTk1Mjk3MA&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvSQ8rZIEaLT91bkTCGX4AYqDmw
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEyNzM3MDQxMjgyOTk1Mjk3MA&google_push=AYg5qPKjf9pr7KArFENxqhhypEn0Tk-T69sUd-HXKg2t3EPiJ1q0LozSXI1c3ihAjY6_FvziuLzPvSQ8rZIEaLT91bkTCGX4AYqDmw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E9A1
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPK9HITdtx0aCrmE63oRcFF0O70qxog_d85cCKWoflHns72nld-oh57ghx--l0eBVSQ8qDVZ1hF8tYvo4p2e...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK9HITdtx0aCrmE63oRcFF0O70qxog_d85cCKWoflHns72nld-oh57ghx--l0eBVSQ8qDVZ1hF8tYvo4p2eEw-EQhzGlrhC7g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK9HITdtx0aCrmE63oRcFF0O70qxog_d85cCKWoflHns72nld-oh57ghx--l0eBVSQ8qDVZ1hF8tYvo4p2eEw-EQhzGlrhC7g
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:51:35 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK9HITdtx0aCrmE63oRcFF0O70qxog_d85cCKWoflHns72nld-oh57ghx--l0eBVSQ8qDVZ1hF8tYvo4p2eEw-EQhzGlrhC7g
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
7-upCVAKwEfdnobCLTU2lm5FaOrqQnl0eE_DIP7U_3decgb7SuIxgg==
pixel
cm.g.doubleclick.net/ Frame E9A1
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGYelkHHg42zqJrF8CGASi8&google_cver=1&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0q...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGYelkHHg42zqJrF8CGASi8&google_cver=1&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4N2M1ODc5Ni03ZmFhLTExZWMtOWEwMy0wMmFlYzZkODBmMGM%3D&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0qla51FIkF3l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4N2M1ODc5Ni03ZmFhLTExZWMtOWEwMy0wMmFlYzZkODBmMGM%3D&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0qla51FIkF3lkSzIhEQEx2pDcE9aGFG51Og7a39_S6SYh-yQ
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4N2M1ODc5Ni03ZmFhLTExZWMtOWEwMy0wMmFlYzZkODBmMGM%3D&google_push=AYg5qPJVETnMEwd6G5nYZ1Z7OsCRwYw2G8y29jS01yPNBDWP36oT0l0qla51FIkF3lkSzIhEQEx2pDcE9aGFG51Og7a39_S6SYh-yQ
date
Thu, 27 Jan 2022 19:51:35 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dot.gif
s0.2mdn.net/ Frame E9A1 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMK1dqyPWIbTG3vF8-elQHc&google_cver=1&google_push=AYg5qPKGT0I0wFqxG62k8-bOxobT_c2jo0jsAFz4yDJs026cupv67T-TYmbX7mU3-zETsj7t9VEyr1X0nc2G2JpkMNv2-ckR2ivN3WM
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 19:51:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E9A1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-urKnyBb10Zg0P4Wv2b7BO1jDW_Wp2CJ-1CdrsmaRBHWr8gLUqxXr9fwFNDip1tyDSM3LONE
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2537 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx1S8xvfyYeiuB-DO7_UPx4iK6AEAAAAAOAHgBAI&bg=!lZalltLNAAY6OBv_Ojg7ACkAdvg8Wiprdj_w4enHSEq5P3Vy1gdpelb8tGHrvpJKxdxIpoVeVmG53QIAAAHuUgAAAARoAQeZAs298IIVO8S6OEWSZ75q4hTe2pR8DNyhprDddcmBDe5693429ERwV0CkmTPFYFxxTaUK4DVIbiYrfCgFwf_jphu_Y8xbmSJ60_JbEHf8PwxdmKOfH3ZS381zYwDBMFvn1aiSz8xU3oA1sak3qZRNrglfBuefY2jUhwkLUDz0y_idZI_GyVkGib3F-yMRezaKWUhg7zJib9_QkgCalY2OYWixLTQ8OFJmiRQndjF7mHpNJeyclNHYYrstPr50dgu5jN8B-wOd0BRRQxLkmh8NNkuA2u5I9QfaRIzwkjLcU4VjFOrOq0vglmkbY7xLHeofD4-jrkH26p2OU75CparupD07lkB5Gdzgw81vezZ77YPEGtJuCakZPsFn_qogcKFOVghqlTCS5Fjy5LDGtsI3kxtrWehBSmOhARdeS8hg1MjotNZntY8yVjj6LQN9BLkYOh57ZsnYYsHXA5KuLFNIdh0M2b4hFdicYFkWfj-DTZKtrOUOl1jz5Wsyi6f9laGkJZAQRax1Bz0730a_zZ85LfMuKCz6BvRHspy40TU9cp8KB2RapAp7xl6Vn20cX1odoQUT-CyRnQOzzUIbiwN-HPNh1sWH65NmWswSLWM-rk7L0CsJF5VATFrTDTOBSuylkZj33DNtmYMnH-3-B9Xpiq_KHUxLXPUw_1QNO7RNGmdg4YxbzlobkFkuILPIhhC69ZwIhrco2lxV-wX8jhSsmqxSlX0tlmnQsgYnB_xMY-EI4rldG1ZyuaW96fXwJ901_Edz7H5SZRDCOD93npjtPmVUE3VNJCAwLF2uYu2QML0Wl5E0nN6UHGPVGtMctma4p19N1GBelaXal2xMeF_D3qExM6Vmq0c9lJANIsDATRvPY_Vjk2dwwxrnhTVfBjCMp-E2k2lEGVICAt0YoNEc3xIICX0yd8x3AfwrjVnRqk7koWia6ep4wQb6ZRcMApA
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 49B0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlFmS0xlSmYxTmRhTlY1&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cver=1&google_push=AYg5qPKBuKLLNymeiZJQdanr7f7lriilm4v984aKf4c1WfV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlFmS0xlSmYxTmRhTlY1&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cver=1&google_push=AYg5qPKBuKLLNymeiZJQdanr7f7lriilm4v984aKf4c1WfVpL7LU-zDnGjubH0VG_a7DOkx6wHtEpfJ8uL9UdYuAm010nvs9eH8
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-0f837f04e16e4c63a@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MlFmS0xlSmYxTmRhTlY1&google_gid=CAESEGZAA2UHWQ3VsLROaEal-Cg&google_cver=1&google_push=AYg5qPKBuKLLNymeiZJQdanr7f7lriilm4v984aKf4c1WfVpL7LU-zDnGjubH0VG_a7DOkx6wHtEpfJ8uL9UdYuAm010nvs9eH8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 49B0 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEL1JVrEso9MQznTBCZqjz1M&google_cver=1&google_push=AYg5qPK7vTPMfuDvDfnU40eUuy1CiZK4CyINRw4lshJ4Sa7sCPb4nMZkeHBalelVt2vA1xkP6GWlfyJqPIewT_joMz7rerksX24
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 49B0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHK3dH5gMFlN9oLxws_OdVM&google_cver=1&google_push=AYg5qPJiXEu2nNlwvyiVGNG0UtuFUMppL2AGB-HstRE0JApqvf10mLK7XzD-g_hYMlUBQtWfg1UILGmfhRDNlC...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMTAxMDMzMA%3D%3D&google_push=AYg5qPJiXEu2nNlwvyiVGNG0UtuFUMppL2AGB-HstRE0JApqvf10mLK7XzD-g_hYMlUBQtWfg1UILGmfhRDNlC33xm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMTAxMDMzMA%3D%3D&google_push=AYg5qPJiXEu2nNlwvyiVGNG0UtuFUMppL2AGB-HstRE0JApqvf10mLK7XzD-g_hYMlUBQtWfg1UILGmfhRDNlC33xmncJLWTgdg
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA1Nzk3NjAwMDEyMTAxMDMzMA%3D%3D&google_push=AYg5qPJiXEu2nNlwvyiVGNG0UtuFUMppL2AGB-HstRE0JApqvf10mLK7XzD-g_hYMlUBQtWfg1UILGmfhRDNlC33xmncJLWTgdg
Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 49B0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKxIOuQhgknZzJiaPvcZ_E0&google_cver=1&google_push=AYg5qPJpl7VxKehcBvrBmD4zElDdLdyOM0St_0m7e5c36QwssbyIa6dWHfzPK3ORFj1VfBI8l2n...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSSEUtMU8tQlVOVA==&google_push=AYg5qPJpl7VxKehcBvrBmD4zElDdLdyOM0St_0m7e5c36QwssbyIa6dWHfzPK3ORFj1VfBI8l2npFe9kW5dmVLec6D2gmVtlrg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSSEUtMU8tQlVOVA==&google_push=AYg5qPJpl7VxKehcBvrBmD4zElDdLdyOM0St_0m7e5c36QwssbyIa6dWHfzPK3ORFj1VfBI8l2npFe9kW5dmVLec6D2gmVtlrg
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYRTZSSEUtMU8tQlVOVA==&google_push=AYg5qPJpl7VxKehcBvrBmD4zElDdLdyOM0St_0m7e5c36QwssbyIa6dWHfzPK3ORFj1VfBI8l2npFe9kW5dmVLec6D2gmVtlrg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 49B0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-n...
0
0
pixel
cm.g.doubleclick.net/ Frame 49B0
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELn-jpWmELAjtEEnVw3-Aeg&google_cver=1&google_push=AYg5qPKS1yVy7QhYuWVizmgy_6-PHRKhkEWBcEcdJZH55U6IiguMB-9R6aDAJ8Q1sXzw4cyKjOFANfYlPcWGTl-2...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKS1yVy7QhYuWVizmgy_6-PHRKhkEWBcEcdJZH55U6IiguMB-9R6aDAJ8Q1sXzw4cyKjOFANfYlPcWGTl-27RyqZskcZgI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKS1yVy7QhYuWVizmgy_6-PHRKhkEWBcEcdJZH55U6IiguMB-9R6aDAJ8Q1sXzw4cyKjOFANfYlPcWGTl-27RyqZskcZgI
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 27 Jan 2022 19:51:35 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKS1yVy7QhYuWVizmgy_6-PHRKhkEWBcEcdJZH55U6IiguMB-9R6aDAJ8Q1sXzw4cyKjOFANfYlPcWGTl-27RyqZskcZgI
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
e_prdTlonfJNDwc2FviO2vtW44qq-4WZt-j8bUM08fslpiZQSNktNw==
pixel
cm.g.doubleclick.net/ Frame 49B0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw&redir=https%3A%2F%2Fcm.g.doublec...
  • https://sync.targeting.unrulymedia.com/csync/RX-0cab4007-bef2-4d3a-9753-d516fd605943-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIyIeA_xKOfsVc__PNQT...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw&google_hm=AwyrQAe-8k06l1PVFv1gWUM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw&google_hm=AwyrQAe-8k06l1PVFv1gWUM
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIyIeA_xKOfsVc__PNQT3PjZ2gH6rNPRskc4rKDMUnRX_2Tg43V-LkdDZjy47ZWk2tQ_Wl9Ih9Qg3SEeaBhjSodg9Zqpw&google_hm=AwyrQAe-8k06l1PVFv1gWUM
date
Thu, 27 Jan 2022 19:51:35 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0cab4007bef24d3a9753d516fd605943003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 49B0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHj65AfJ1rLkLbsu28YVvTuUabZd5kAXIBBIjTmpSY16HApARUnoEjmcHcUSM1RwrRkSfV
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.215.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw02s17-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5876 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BljYCxvfyYdTdBqOl9u8P476o-AsAAAAAOAHgBAI&bg=!HxylHFjNAAY6OBv_Ojg7ACkAdvg8Wj8dEW6NTEtrzouIFSKeXbAWCzlVD9HXWw0mIR2B6-L3XDdE4wIAAAHpUgAAAANoAQeZAvd1x7LSXFoV3Y3mMdVgdPqAKANeWzQBg5vOqJ3bLoOyxt_Cm0IrioUWBWUq5_GziZjDJ-rVWHio9UJQfnpv5ZpnZR6CxaW-ymJq8Kgj8yv3a_v4JCeCCQrINj0414VPnRA-6x5mEq43CH9UDwePvti_-ui8qxM0ZoTzd_5ytqPSKXYex0IFUtC1mtcV-IkqOdkOmRcMaE1-QHJr9yab3wZLnhK9xe8Fb04h_6eqqsPK7R-vcSbNJRRYSju7vkTy0kLo5Cbu504GoYfyvhQGkCfFOkQJduKt4l4R5nZ5qPpJ52NulInbAtT26gsHCIYV7SBCLwYRJnlEFKrPileiffNOOGdEgrr9EAb0gmYwQMVXHo4ekGnZgVe1eCVYJ8DpyNJIeVRPVsJ1uyxa6HfMjgcWq7cBeiQpERh_CAj7TCxgG7kmpq4f898GguW0QsrkWXvFUDuEhQbVj3svwlhlKY3Y5e5bUtNcib-9c037v93nSvQUV12hb0u57b-OUJHL_zn2Kdg5KI304EndmAvpd6Z8kNbQtujFF2HCVzaIHLj0BLUKV5wHnf3__s_k4zbqBlh4UJwNkS0pLwcvfajDbu6ZbVTjjZFOvUfeffFef0pyapi-n-6iI53FEHc_83RJyuP9C4ZEyxNuoZtIYl8tv1S0JH8Gxe4K66MSC4yAWS7hvfzhVNRVZHu9S9U_CVP2UE8HXu6aS6hsOKasQDb5iST32Jszop76_-jz-hsMhJpygFJHj3IGEnn17AXS73kNBMyfuNbjcvokR73S3124nAT8S20Ulf48AlMIsJTZOp_IVPOjBv1Ggj0LzdPm9WFqmZFdY3iuSxClGrrzLeNRQvswOWpXpg9jyKdxXaDkli-MuTzSk5WEJficysSiAwTrLij54A6_1JSzMrYyNXH3X3ByrGh-hDfoIam1di_t4CtYqcpkc_StPLiPSRUIIsRji_ewM3I5_st0kAzk79m5zQVC8FrNnsvNy0iLTRUXpvVCZ1IUTsHG750
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90004.redintelligence.net/ Frame 3AD0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=51134500273550600710580011852004&a=d8516ae4&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=51134500273550600710580011852004&a=27193656
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC88 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVsLxxvfyYbHSBq7F7_UPn5mmkAwAAAAAOAHgBAI&bg=!2tml2Z3NAAY6OBv_Ojg7ACkAdvg8Wgnc-_UpC06il3JnIBAcuH5pJJii6IqBHv2J6xJeyfGvb1ImuQIAAAIGUgAAAAJoAQcKALOQrOl-wev9fzNY6kVCGlejgFG6QJFngwbeG492o6S6Y70i4qx3jpj-pPPjFuubIN_bmC36I0PJkphJ8Ytt-AGiMLkXJu5dKfHU6mDaP9OuuNRW9bI1Apa-nQ8jNtW7izOeUP0Ljdmbl3STqYGkWBiFcajbLWgeeDMo1YJvH22YbmIljurQ4PhuJ5IEAH_Coz-U89VGeVApi55EiKzS78tQxvqRCKT7JjiEwkIC8gDC_QOfopkC459NGI7FUe-8hKUVB_oFoOnP5QFlL8t8dmIWTNS9HWx7kA-4urWEbxNSy-vQpA60W5_8mDkLLw6hWdr6s1Jd-6M00gHuTB1NIailFX5GF7ON1OyInZJe8N2fo2KnKvf5vTezc0wM1_Kh0vRCDivUIYEf8MfsQaI5sFbzLxSTEd3bPmabLw9LRtNdmQcUqbg0rFuCfueYQWxb0uJNPCs5kmsJIW3-Wik5KBob4Zfj-TJ0Z6CNbFjv6uwh5ZgCA9GmZEY4veqwjtiSrNffLN3Eh-FE6NYsCxK8Ol6j05fEmP5aYTUPVVcDDge33IGV69dvU9eS8OSQeB9VPfDiEZOza9r66Hv8g3za9BhhBOiAeuX1nFlGwTDQLbm7fs0NdTJmaUneeJunoMtqWX7nDCJUW97udLaMKf78xKxVAQsCNb0_YeKfEHpsrqdLOZqXCxWU8MKMaiSnPIlVumWvqTgnQo1YuiDViIQzW6khYwND-hJ56wKjCilr4LaVVCeyF-4jou-TA4N55vC27EGoPvPYuaKmLiw8WIVcYG846SYBcXgVxfRbaCbjKIXcDVV1AngNp74jnnEshDvIZfSdzH4ekchG9LdE9z98gWttdJMQE_EPEf0VtMjeiypAyoiqEzqV6OzN9nQ_1BaBSARL3N_jNkdm70P5gxhDMYPYcuSAY8spWykUrTaFvcHpUMXoXWdmFdD_q13Bzs0PFuZPU4KeF9JMRCJQ1Bq-ZZlLptYGGYqsXKClB8hPDCJ6RwJTa9ftAsNh8DiPAd9brWeHWD7IHhplQQJ3b34yIGT5RGXaGx-HiIc8WTrqE8w0G8iSKt4JBWoFOiXTybMs3N7mpW6Cd9Gk5uxDauhccSgNqazM-_LwuP4XrCq7VPLu-MNX9r9O_YYXk4V7izg3Gd-M5sG3dya6NO2uRVAKvGf83n5zjmpF6OiWHnlFlMOeIim7I38wJRodEJ2laUtanhbCIqwjgjcyaEw
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900015.redintelligence.net/ Frame 3180 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=43952400224573300710584011852015&a=327f8ae5&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=43952400224573300710584011852015&a=cf451a61
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 3180 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options
nosniff
age
252722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 3180 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options
nosniff
age
104108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:56:27 GMT
viewability
hal900014.redintelligence.net/ Frame 43BA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=92233500244512200710584011852014&a=f11b074d&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=92233500244512200710584011852014&a=7541011a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 43BA 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900014.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options
nosniff
age
252722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 43BA 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900014.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options
nosniff
age
104108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:56:27 GMT
viewability
hal90003.redintelligence.net/ Frame 128C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90003.redintelligence.net/viewability?s=10227400239371300710584011852003&a=a183db2e&vb=m
Requested by
Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90003.redintelligence.net/request_content.php?s=10227400239371300710584011852003&a=b571ccfb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 128C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90003.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 21:39:33 GMT
x-content-type-options
nosniff
age
252722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 128C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90003.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:56:27 GMT
x-content-type-options
nosniff
age
104108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 14:56:27 GMT
dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616
adservice.google.com/ddm/fls/z/ Frame 4388 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLSYnara0vUCFeZCHQkdm4wBgg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3135269575336.1616?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0771 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqyGmxvfyYa6WCK2MjuwPi4as-AwAAAAAOAHgBAI&bg=!6eql6q7NAAY6OBv_Ojg7ACkAdvg8WihN7KBZi5Y5n7FZGWC8U8Qlt1mmDAYZgs8GKAzpeZ7zc2_uLgIAAAHgUgAAAANoAQcKAA8RI1sBtJs0XAKSuT5rYr-ZAuoF-JWBuj_1Bu8_VIb62FqQl79kI4a8Egc0QwGU_u9Rj30zeXT5gJr3xgVco0O-Ls5sAZNIR1y2qRkWEX1D0q02qf3yoPzkXzWy3M8GlERvgJxxM8OseM68zINpejqrdnTcG2Lf_oGT-VYYxTDtaNIqmRt9W-7UUL2ivP2p0iDROScBXXu1wIWaY0ROSzKzyNWevK65nI4VECJ_6L97j-mKSY8iEznDLVCPaigetPCCY1pFP_j43u3sizU18PO9ImhWUlnajE1pK1NunViGCDk6LgnLRXcGimYRXqx0c8APC9QlfrybEUoYgGB9OyVM4j5T0fS9aIp-DGmtYmJ1FG7CTe5SBn_ofzxsBeEkCh2yF3X_K5iwjLhVWqF4oKEsp-Jfi0v95Qm8lrg8T-sVrhAAYiC577Ju2flLmZrulnPOJsuYFl2TIMe6ZnwLZfzoc_rO7a0pFtdYYDlkbjafruAtMl4qo04GQSPZkyXLJKOEhOovdQyjJAEEktuC1nTmyZ1KV1nrJC9plHqibBizm0DglyJR4eyXv2thcICQx4xKQDtzCEkgmkFai5PtYgLiIAAw7V_GIGmSgkqqEVNxk8-3vqnjGH1nswbvyv-Npr2MzX79OUvwWRRIzLKWgfndC_XD_xWeTWBJ5PvatltxKBL0CJdXXCVyofBYBlO9E7ujlrYDI1ETa76_xLbZH2R14Rdtp84XfTcENs99_j0Ma-p5LSq4XmTCAhXeuedWK0qGgRjqXTJH3VN4l70Ag_ASnwqRt4BkLjX7ml-JQjgKgQvIOpHdgptfv8m-h-UhGC8tqqkq-BPyzRqpjIxi-JmEn8DcvBH6GLQ29GjyTR6MZgFTPmtiO8gBIkyZXCP2zidHFv4tgqlmJ1LnuEkBl3ztMaHcCGa2-g4zg593Fah9Z4kiXZJGyrR-RzGAHbe3fXmrlw7w45aal3aVTWJEY52cj1112kKRaUVAiQafiwVXk4qqbl_hoaDWYX2Hww
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299
adservice.google.com/ddm/fls/z/ Frame BA33 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLKQnara0vUCFVqChQodBDsJ2w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=802800593584.0299?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549
adservice.google.com/ddm/fls/z/ Frame E398 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJOSnara0vUCFQVEHQkdUIQCvw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2887643270683.549?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545
adservice.google.com/ddm/fls/z/ Frame 9467 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COiQnara0vUCFZMdGwodR4IJfA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4099425385890.545?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 27 Jan 2022 19:51:35 GMT
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 7572 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a422c64bd8fab59b3ab1c52236045a176023a6cc43cebb3d5127e7754d3db2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31990
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:35 GMT
gtm.js
www.googletagmanager.com/ Frame 419B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a422c64bd8fab59b3ab1c52236045a176023a6cc43cebb3d5127e7754d3db2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31990
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:35 GMT
gtm.js
www.googletagmanager.com/ Frame 4B73 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31994
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:35 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6680 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=51134500273550600710580011852004&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59489
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
D-SXBS_jOvZFYl3irJ-f9OLtOCkidWzlylia5e43l8S4DC4sZmXWAA==
link.html
track.webgains.com/ Frame 6680 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=39729900248194900710592011852030&wglinkid=498343
Requested by
Host: uuid
URL: urn:uuid:c6702770-9efb-ecad-2853-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 419C 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv-srv.office-partner.de
URL: https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv-srv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31994
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 18:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jan 2022 19:51:35 GMT
pvClk.min.js
analytics.webgains.io/ Frame 3D63 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=92233500244512200710584011852014&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59489
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
p9fCBLqDIl6_wgkHBJVvj_WozKxdBdLbl6VUfCeGxl92bVKipRZ0cg==
link.html
track.webgains.com/ Frame 3D63 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=50932400248199201084668011852030&wglinkid=2513135
Requested by
Host: uuid
URL: urn:uuid:c67023e4-9efb-ecad-24c7-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 9418 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=10227400239371300710584011852003&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59489
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
nIC-t93uZyNGyQAd__brAptH1yPTctMyTf-Rm-3OgRrGJVBUFFcvKg==
link.html
track.webgains.com/ Frame 9418 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=55020000266650000714178011852019&wglinkid=2513135
Requested by
Host: uuid
URL: urn:uuid:c67025aa-9efb-ecad-268d-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:35 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:35 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F36C 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=645188121543134&bg=!kJOlk9fNAAY6OBv_Ojg7ACkAdvg8WuV1WniOl4ZewNLAxkXQJJ9s_L40wukl2n2S-Dbq9a1794RjMAIAAADaUgAAAARoAQcKAKRJk2ejBrnoB4sQ1l2OBo0EWmcQLTgZvfi2GQvO2HaUL9IQuRCZCre8Z8kMZ4CzLmRro0JAcjq8ywnhopO4WIakmGA3hfyjv36srxuBEKWq1RzVllKqmJg8n_mszUjNG_FNawZubMcu9TYJK3FAZ2sm8DzxAMzawKrOFlEyj6IPI8IC-Vu91VhWBXCDhzhj1hSIaQNManzdaZQxY0ZcFoM8fUyeZZkC1xM07z_5RpX56NPLRYuj60EtRKT_qkzvMjH5msi_pQMKokFyk78zi5flLstd8QeoD_v924LJF_TC6rZYzpV5zoJRDpcjaj7gr54EWqtcTnZ59ghMIPnd5FuuLI8UAekeCeIGaTgQ9UVB9fMHNWe7Zo08u7wdGb2rn6nBMMlF8PZdsy_IuENqlSpHreRZ3qkQrTC6-4zSnyOCLIXxMbbcHZeilcnHdpo87JMTJY7lpMUuDGCPSELXItJbF2dPicm9TUZJALJKwmNXJh86e2_ZqqGl13-VKLxuJmJF3wnR4WH6ETIInFVz87iDK71RINgKjEcAEAddKX9D2bE5oEZ0BK5muFNi4OA0WGC7agIzRnacNfJSqEnFPMzauDIWlKQQqx_W43NvQOiwj3Ak9yuXYh_-zA6w-RCKB8IX43aa1Xd6eiwe5lRkkgwyWA8c5_lJLMnVaJypGfmQdlw541fwfUM3zoqDHy3OEGX_4vK_NHa3TgE8jODTGMgykhSJVFmeJn3FMNzOlk0fl80VeilCgFoWHm1cRTsq9LB5pR3WvLc716JSaC1FLHuw1vp31b_VHw6dZYHhdcRSuajsIHiTqHW6wPKzTg_HbGZe35pgF9DcdcLSLt69HBcIKTKES9rVc48TaEFPd6opUIgzywV6fsOvC_d7oe_FJHHR9vI_Im8-r4twLvWQUHeqpeGPKcWguPzNZ4jPtNhohy9ARX4EUWdQCF09p1R5PS3cgzxATPxs1ZZz2vHEco-ktrnB-iwHKyS9jiIPkhexEnybod7882uzMobd5EqF1BM4rIWcubRmVKpkEzqMuG5mcqd6Z6_P-n7TZHtxsE9lqiFjtDSAFMEK5Y4zmOuElqVdxJkP_Mg1to0FfuNYwSFHQQuVFxCF4xNa_Qn_9f9i3PJXzAA-AS5uEUeucZ2kploDk52dSdMnrflWX9K45pv708CBgEZ1VzmtaSPAFjM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 059F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42976
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d44843e7a839128-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 059F 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42976
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d44843e7a889128-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 059F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44843f3901912b-FRA
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame D8A6 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42976
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d44843ebb8b9128-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame D8A6 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42976
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d44843ebb8f9128-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame D8A6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44843f3906912b-FRA
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 0B35 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42976
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d44843ebb949128-FRA
expires
Thu, 27 Jan 2022 16:06:45 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 0B35 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42976
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Nov 2021 07:50:03 GMT
server
cloudflare
etag
W/"619c9d2b-723e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6d44843ebb979128-FRA
expires
Thu, 27 Jan 2022 16:06:44 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 0B35 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6d44843f3908912b-FRA
collect
d.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://staging-dbr-pwa-posthaus.ecosweb.dev.br
date
Thu, 27 Jan 2022 19:51:35 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
eum.min.js
eum.instana.io/ Frame 0B35 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
209361
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4484407e2d9261-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 0B35 		15 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID&ref=
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44843fced29128-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 059F 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
209361
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4484407e2f9261-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 059F 		15 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID&ref=
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44843fdee19128-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame D8A6 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 09:07:33 GMT
server
cloudflare
age
209361
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6d4484407e329261-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame D8A6 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID&ref=
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6d44843fdee69128-FRA
content-length
15
rum
singles.parship.de/cdn-cgi/ Frame 059F 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
b9ffeeffa670f8de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
X-INSTANA-S
b9ffeeffa670f8de
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=b9ffeeffa670f8de
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448440c9939128-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame 0B35 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
19d76e76f5161388
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
X-INSTANA-S
19d76e76f5161388
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=19d76e76f5161388
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448440d9a69128-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame D8A6 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
79317f2bc779caa5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
X-INSTANA-S
79317f2bc779caa5
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=79317f2bc779caa5
content-type
application/json

Response headers

date
Thu, 27 Jan 2022 19:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6d448440d9ba9128-FRA
vary
Origin
pvClk.min.js
analytics.webgains.io/ Frame 3455 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=43952400224573300710584011852015&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-33.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
59490
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 27 Jan 2022 03:20:07 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
ddT6jJoekIo56ynmYYJkR8KPFluyPqBrlK6O9ZzYNHxtQ1tRH13yTw==
link.html
track.webgains.com/ Frame 3455 		85 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=64173300260635900718680011852029&wglinkid=498343
Requested by
Host: uuid
URL: urn:uuid:c670221e-9efb-ecad-2301-ecad9efbc670
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Jan 2022 19:51:36 GMT
Last-Modified
Thu, 27 Jan 2022 19:51:36 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
85
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
eum-eu-west-1.instana.io/ Frame 059F 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.107.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-107-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da930-7faa-11ec-a32a-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:37 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame 0B35 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.107.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-107-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:37 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame D8A6 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.107.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-107-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885dab06-7faa-11ec-bf41-00155d53a129ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 27 Jan 2022 19:51:37 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/?relativeURL=%2F
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=0
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=1
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=2
Domain
staging-dbr-ws-site.ecosweb.dev.br
URL
http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/v10
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?itkZTA

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| __APP_CONFIG__ object| capture object| __posthaus_DATA__ object| webpackJsonp string| GoogleAnalyticsObject function| ga object| dataLayer function| OneSignal object| scCGSHMRCache number| __mobxInstanceCount object| __core-js_shared__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| __oneSignalSdkLoadCount function| __jp0 object| google_tag_manager function| postscribe object| google_tag_manager_external function| getElementByTypeAndInnerText string| masterUrlGoogleAds object| theHead object| theHeadScripts boolean| findSomeScriptLikeTheMasterScript object| scriptSecurePubAds object| googletag object| adsComponents function| refreshAllSlots function| getElementByXpath function| fbq function| _fbq string| PMTagObject function| pm object| e object| uetq function| twq string| bannerMobile function| insertAPPElement string| TiktokAnalyticsObject object| ttq function| UET function| UET_init function| UET_push object| ueto_5933ab8ce4 function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ADMITAD function| md5 object| ad_product object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge undefined| google_measure_js_timing function| clarity object| hackernet function| setFullAds function| bannerHeader function| bannerTextoPublicidade function| bannerHorizontal function| bannerQuadrado object| criteo_q string| mobileDec string| mailCliente function| detectCriteoMobile object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

99 Cookies

Domain/Path Name / Value
.ecosweb.dev.br/ Name: _gid
Value: GA1.3.1594865279.1643313091
.ecosweb.dev.br/ Name: _gcl_au
Value: 1.1.1359889109.1643313091
.bing.com/ Name: MUID
Value: 24C48635B5E4637F2ABA970CB43662B7
.ecosweb.dev.br/ Name: _uetsid
Value: 8636f3a07faa11ecb42be5d548d025d1
.ecosweb.dev.br/ Name: _uetvid
Value: 86370fc07faa11ec8677cdc6194ad8c1
.ecosweb.dev.br/ Name: _ga_RF7L3756SK
Value: GS1.1.1643313091.1.0.1643313091.0
.ecosweb.dev.br/ Name: _ga
Value: GA1.1.509527467.1643313091
.ecosweb.dev.br/ Name: _ga_PL4DYBH48C
Value: GS1.1.1643313091.1.0.1643313091.0
.ecosweb.dev.br/ Name: _fbp
Value: fb.2.1643313091554.1846665690
.creativecdn.com/ Name: u
Value: Q6JPSsYQ9Il4aLp1p8vg
.creativecdn.com/ Name: ts
Value: 1643313091
.twitter.com/ Name: personalization_id
Value: "v1_je2vMsHl5aL++l+ixIS9qQ=="
.t.co/ Name: muc_ads
Value: f84f7f10-fa92-4f91-913f-a112ba2e0108
.c.bing.com/ Name: SRM_B
Value: 24C48635B5E4637F2ABA970CB43662B7
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 24C48635B5E4637F2ABA970CB43662B7
.c.clarity.ms/ Name: ANONCHK
Value: 0
.ecosweb.dev.br/ Name: _clck
Value: 1kbhs55|1|eyh|0
.ecosweb.dev.br/ Name: _pm_id
Value: 545001643313092222
.ecosweb.dev.br/ Name: _pm_sid
Value: 136561643313092223
.ecosweb.dev.br/ Name: _clsk
Value: 1xp4948|1643313092430|1|0|d.clarity.ms/collect
.ecosweb.dev.br/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUknIU_ceCPJZHH9E-35g_Dd6jjJwIuHu1vTltsj3r2_woxyzXDXEzySsxVs
.criteo.com/ Name: uid
Value: 01baaaf8-51aa-4c45-a3ab-77a46ac87bdd
.ecosweb.dev.br/ Name: cto_bundle
Value: QaKFBl8lMkZYZmlnQlolMkJleWVLckhZZHVjZDg1d3BMZHlVQWRCMk1BbWZyT3F0dmZwJTJGUFlpOXh2bkRyRVVNVXBjVmMxTWx5c2l0ODJmUnVUJTJGUVZYNCUyQnhCY1lxaVJwWUFpbmwlMkJIT0t1Z0hUaTMwQSUyRjVXY3NzTiUyQnclMkJJeW9CSWw2ODJFRnd5cTNBY3dwNjBXUm9MNEY4cngwSmt4N3clM0QlM0Q
.ecosweb.dev.br/ Name: __gads
Value: ID=dd63ec6c8e6fe22c:T=1643313093:S=ALNI_MaWtR6GfMgUsuH4KM2YDNqBu6iDcw
.advertising.com/ Name: APID
Value: UP87c58796-7faa-11ec-9a03-02aec6d80f0c
.adnxs.com/ Name: uuid2
Value: 7932158940085761062
.yahoo.com/ Name: A3
Value: d=AQABBMb38mECEM2KXT0_-LjdQIL_WdkR-EIFEgEBAQFJ9GH8YQAAAAAA_eMAAA&S=AQAAAgSvh5uAGKcPr3sCTLs5UgY
.yahoo.com/ Name: APID
Value: UP87c58796-7faa-11ec-9a03-02aec6d80f0c
.taboola.com/ Name: t_gid
Value: 71c8f3a7-8de6-4d41-94db-a2b5479a276e-tuct8ec7d46
.360yield.com/ Name: tuuid
Value: 20dd068a-1ca9-4755-9870-33696d00747b
.360yield.com/ Name: tuuid_lu
Value: 1643313094
.media.net/ Name: visitor-id
Value: 2863146948397069000V10
.media.net/ Name: data-c-ts
Value: 1643313094
.media.net/ Name: data-c
Value: k-IAIAt1or1Uyo2aT16hvnsDynyrq2dQsO9M9RWw~~3
.bidswitch.net/ Name: tuuid
Value: 7fef34e4-caa4-43f6-a07c-4e02cda4631c
.bidswitch.net/ Name: c
Value: 1643313094
.bidswitch.net/ Name: tuuid_lu
Value: 1643313094
.demdex.net/ Name: demdex
Value: 62415875945156613610271247316592342330
.360yield.com/ Name: um
Value: !38,K1SVCk6LYuXRjxekos-UwNXorRfwoARLcDOMb..DoME-d337JSXRvMajKB322Hkx3N6i8cev,1651089094
.360yield.com/ Name: umeh
Value: !38,0,1705521094,-1
.casalemedia.com/ Name: CMPS
Value: 3267
.dpm.demdex.net/ Name: dpm
Value: 62415875945156613610271247316592342330
.spotxchange.com/ Name: audience
Value: 87e76be8-7faa-11ec-9e9d-1365eaaf0306
.tapad.com/ Name: TapAd_TS
Value: 1643313094328
.tapad.com/ Name: TapAd_DID
Value: f249855b-ab57-4cac-8463-0bc701191967
.casalemedia.com/ Name: CMID
Value: YfL3xgTUAQLQXxf-WeOEkQAA
.casalemedia.com/ Name: CMPRO
Value: 1143
.rlcdn.com/ Name: rlas3
Value: pRNiaY3rs34yO6CwmKxtux8XqAIxa4TvSAeCWmcq0is=
.rlcdn.com/ Name: pxrc
Value: CAA=
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.casalemedia.com/ Name: CMRUM3
Value: 2d61f2f7c62760CAESEGdolO86iVeEk6mlVNTSvSA
.adnxs.com/ Name: anj
Value: dTM7k!M4/QD>6NRF']wIg2HaON/7S9!@wnfH8K6pQK`!5=E<*L5?%KHh/:_DiK0e/mcP93lgH1+2HW.EAU'o2j/A*v%x%x`+/ev2+ZQak+1q4ODNRCLXuBJGQ):Yh+1j-72xYcM::F9!rXLRaL)/^SpvMQi%p[s>%q)3R!0Ob=
.mediawallahscript.com/ Name: mCookie
Value: 87f808f0-7faa-11ec-b1a2-69c9f9a7f967
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.addthis.com/ Name: ouid
Value: 61f2f7c6000193d4ceb695f7861e61cd13ccc8c52677f99b46b1
.addthis.com/ Name: uid
Value: 61f2f7c6245745eb
.addthis.com/ Name: na_id
Value: 2022012719513438700825640499
.outbrain.com/ Name: obuid
Value: 797dc7c6-1b07-4b70-99da-bd44250642d5
.outbrain.com/ Name: criteo
Value: k-8EMMS1or1Uyo2aT16hvnsDynyrrm0Z7Lt91B_g
.tpmn.co.kr/ Name: uuid
Value: d6b3751cc5a54fd2a27fb221285a33c9
.tpmn.co.kr/ Name: criteo
Value: k-2AucO1or1Uyo2aT16hvnsDynyrp8Y5FtvWs5eQ
.turn.com/ Name: uid
Value: 4507735809063745101
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 5595ccd169ec1069
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-JNFpnlor1Uyo2aT16hvnsDynyrp0rDe_uZl-7Q&KRTB&23286-uid:k-JNFpnlor1Uyo2aT16hvnsDynyrp0rDe_uZl-7Q&KRTB&23287-uid:k-JNFpnlor1Uyo2aT16hvnsDynyrp0rDe_uZl-7Q&KRTB&23288-uid:k-JNFpnlor1Uyo2aT16hvnsDynyrp0rDe_uZl-7Q
.pubmatic.com/ Name: PugT
Value: 1643313093
.pubmatic.com/ Name: PUBMDCID
Value: 1
.awin1.com/ Name: awpv11524
Value: 296283|1643313094|88467713-7faa-11ec-a3bd-223656459fca
.awin1.com/ Name: AWSESS
Value: 408799:2874697
.awin1.com/ Name: awpv22610
Value: 296283|1643313094|88512574-7faa-11ec-8c3f-2264c4c094f2
.medialead.de/ Name: trscj
Value: MTY0MzMxMzA5NXxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRFd01qSTNOREF3TWpNNU16Y3hNekF3TnpFd05UZzBNREV4T0RVeU1EQXpKblE5YUhSc2NBPT18VGs5T1JRPT0%3D
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1643917895%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%22885daa5c-7faa-11ec-a32a-00155d53a129%22%3Bs%3A3%3A%22sit%22%3Bi%3A1643399495%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj885dc654-7faa-11ec-a32a-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1706385095%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%22885da9f8-7faa-11ec-a32a-00155d53a129%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221643313095%25%255503284%25%25885da930-7faa-11ec-a32a-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1658865095%3B%7D
.adform.net/ Name: C
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7057976000121010330
.ctnsnet.com/ Name: cid_d58794c777ab4779be7a18de6463cd32
Value: 1
.adform.net/ Name: uid
Value: 4127370412829952970
.singles.parship.de/ Name: __cf_bm
Value: dipkTHE.GG0XEmAPZlUSKCteajOdfoGLzVw9Zg3wVN0-1643313095-0-ASy7FXIKOVz0tLL/Go+QgEN58cMN2zYZs7Hc2CaUz1UesodP1es30HUcRtAZxF+mGgW5HrI4dsVtX1b3psfGxE4=
.casalemedia.com/ Name: CMST
Value: YfL3xmHy98cA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1761~22wj:18wq~22wj"
.yahoo.com/ Name: APIDTS
Value: 1643313095
.blismedia.com/ Name: b
Value: 61F2F7C7550EDA6E9629D18ABLIS
.mathtag.com/ Name: uuid
Value: dfba61f2-f7c6-4e00-993f-523cc1eb9b89
.mathtag.com/ Name: mt_mop
Value: 4:1643313094
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0cab4007-bef2-4d3a-9753-d516fd605943-003%22%7D
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1643313095489,"clickCookie":false}}
pb.media01.eu/ Name: ASP.NET_SessionId
Value: t3wdeq4ugfr4l5emqmk114u2
pb.media01.eu/ Name: DTU
Value: 822D0316E74F871C1CC398A22734387F
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0cab4007-bef2-4d3a-9753-d516fd605943-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aWnseFujieFo7YxU36h1NNWdnaS3d3uoZcZanEmgfGolNf6g4Bm44dDGkXD692xHcIc1Ut481aDsPCqA9WZaDUP
.w55c.net/ Name: wfivefivec
Value: 2QfKLeJf1NdaNV5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F4DBA676-03AC-429E-A2CF-AC29C23EA640
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID_TS%3A1643313095
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1643313095.5503284.885da9da-7faa-11ec-9915-00155d53a129ID_TS%3A1643313095
.w55c.net/ Name: matchgoogle
Value: 5

15 Console Messages

Source Level URL
Text
network error URL: https://www.google-analytics.com/gtm/js?id=GTM-KMRF2H8&cid=509527467.1643313091
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/products/autocomplete/v10/?relativeURL=%2Fbusca%3Fpalavra%3D'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/store/home/v10/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/shopping/quantityshoppingcart/v1/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/store/banner/benefit/v10/?relativeURL=%2F'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=0'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=1'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/v10?page=home&position=2'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/vendors~app.34695cf0dc5e60fc7077.chunk.js(Line 20)
Message:
Mixed Content: The page at 'https://staging-dbr-pwa-posthaus.ecosweb.dev.br/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://staging-dbr-ws-site.ecosweb.dev.br/rest/showCase/lastViewed/v10'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-Xd0BxFor1Uyo2aT16hvnsDynyroCYuoYVepO2Q&ct=3&cv=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKPgxbaZpqn0amIY5ucvuVyKOe0HOaUJ98iYgoAKWXzratwFLtp-2aBpYQJxXJJjwPXD1Mpa0NLFGx_azHu5dilTtevAjvvng
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfL3xgTUAQLQXxf_WeOEkQAABHcAAAIB&google_cver=1&google_push=AYg5qPLjcNFOeEVtV3p9e8drMAty2KUfZfDIDVpaL-qRCqthraLqTzA4nSQWm6jmSsxkjpyVEv-nvAMKS8TYuUvc6EfZmaDAZbM&google_gid=CAESEKS5mzAgvfSdZ3ymrF81VhM
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://staging-dbr-pwa-posthaus.ecosweb.dev.br/home.fcc9f923176363b12784.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://staging-dbr-pwa-posthaus.ecosweb.dev.br/product-details.94d0f6349ae3ef70ac80.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://staging-dbr-pwa-posthaus.ecosweb.dev.br/
Message:
The resource https://staging-dbr-pwa-posthaus.ecosweb.dev.br/desk-product-list.55194cb73643539c1c8e.chunk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.tribalfusion.com
ad-server.eu
ad.360yield.com
ad.tpmn.co.kr
ad.turn.com
adgen.socdm.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adv-srv.office-partner.de
adv.office-partner.de
analytics.tiktok.com
analytics.twitter.com
analytics.webgains.io
bat.bing.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.onesignal.com
cdn.pmweb.com.br
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
crb.kargo.com
cs.adingo.jp
cw.addthis.com
d.clarity.ms
d.turn.com
df.pmweb.com.br
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900015.redintelligence.net
hal90003.redintelligence.net
hal90004.redintelligence.net
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
ipv4.icanhazip.com
mug.criteo.com
onesignal.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pb.media01.eu
ph-cdn3.ecosweb.com.br
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pv.medialead.de
r.casalemedia.com
r.turn.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
singles.parship.de
sp.analytics.yahoo.com
ssbsync.smartadserver.com
sslwidget.criteo.com
staging-dbr-pwa-posthaus.ecosweb.dev.br
staging-dbr-ws-site.ecosweb.dev.br
static.ads-twitter.com
static.cloudflareinsights.com
static.criteo.net
sync-t1.taboola.com
sync.1rx.io
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.co
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trf.greatviews.de
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
uuid
widget.us.criteo.com
www.artfut.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
staging-dbr-ws-site.ecosweb.dev.br
tpc.googlesyndication.com

104.18.114.97
104.244.42.131
104.244.42.5
104.36.113.17
104.36.113.23
104.88.69.102
124.146.215.42
138.201.135.164
138.201.63.116
138.201.63.117
141.226.228.48
142.250.184.226
142.250.185.230
142.250.186.98
143.204.215.33
145.239.193.130
151.101.12.157
176.9.26.250
177.101.99.62
178.250.0.163
178.250.2.146
178.250.2.151
179.191.187.65
18.230.146.239
184.87.212.24
185.184.10.30
185.29.132.241
185.94.180.126
199.187.193.179
2.20.157.55
2001:678:cb4:bbbb::13
202.241.208.2
207.198.113.176
212.82.100.181
213.19.147.44
216.58.215.98
2600:9000:223f:3400:1b:5138:8a40:93a1
2606:4700:20::681a:6d
2606:4700::6810:125e
2606:4700::6810:5f41
2606:4700::6810:cc16
2606:4700::6812:c05
2606:4700::6812:e134
2606:4700::6813:b979
2620:112:f006:bbbb::12
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4007:81a::2008
2a00:1450:4010:c0e::9d
2a00:1450:401b:804::2003
2a00:1450:401b:810::2001
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a0b:4d07:101::1
3.124.111.31
3.126.56.137
3.64.249.36
3.66.195.154
34.102.166.132
34.247.120.79
34.255.54.140
34.96.105.8
34.98.64.218
35.186.193.173
35.227.248.159
35.244.174.68
37.157.5.142
37.252.172.123
37.252.172.37
40.76.174.66
46.236.13.147
5.1.80.163
52.142.114.2
52.196.179.39
54.205.41.248
54.76.176.197
54.77.107.100
63.35.20.93
69.173.144.165
70.42.32.255
72.246.170.168
74.119.119.150
85.114.159.93
85.239.105.10
88.198.250.30
95.101.184.154
95.101.27.84
06a07fb091c0101fbbeb34d036e1f88cb48a614ece9758cda145762cd6867de5
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09dfdababd4f3eb1acc2ac9b8817c156f1c41ab13546438a746960db1f051d8c
0a130362454aa6b5168cbce1db18c34d64d7ba4797b97d202ff398ca0177164e
0a196246e506372aca0938ed6a26d70b8dbff8baf378ba0ed4b57a38970e8daf
0b7e5aec1bf22f9d5502c0a076cb17209621e5f51ce399a020e6d280b7a05742
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115a0b9f6e83e14fba30797e97df2fc5bce3d2ee03755aed21ea7d983e22c941
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15524ee5f7a61cf96454a05a43fd97edbdee2c202653b96116f26f7e507e1654
17bcc3658ee656d1a46a696a42e7b40c5b31b36057cf2726bdb1cf8aa90c2db3
1a58042ff47729c4da77cbb690218d461cc04195c365f6bc17d61bbcb3b1f7d3
1aedf020291a2524a57e0afd748a2a08189a2c59c8e6f94fbe8ee8776b1014b8
1baecde592fc2970ed07fd23c1c63e7c7f7cc7bc7e1c89a87d2171dfa20bbe73
1bb39f2e41475075c585cf8a90bb256c35177f80036af0267f3a5d35385df576
1df1bedfc6649bf041238e418e2b67864dfa1905e57e6ff05a60381726413940
20a8391f687707264330dcfd14a1873176ed091b67359347ebc3d9ac24b9f546
20dbcc48ffb976237082ff4b9113ae1912e2774043f4113a3b30bce1cfa3b67f
21c5a4ba5e0b4c2085dc57c96897f9d41aa78540a4196bf45003590a21f0a00d
223ccf9dbd4d2c4cb623630faf509d8f16a4d083d1baff66c3958629b704bb30
22d7ce21ddc25895fb3864c49426286538d566a788788761d93cf6847af95d9a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24333fd1c10e2127184a4a8fa0552b3341720b3289c15dbfe0146fe8b4a29892
25566d3123c1602708a1a9c51f4aeb398f58de228626d8f9ce90f1de734d0d79
25d7dc5aa3e710644edbf10667c4bc1227c4deb84da2314bb0c7aca228c8f4b0
27b6f64d8af49d6bbe36f5c3fa80213bafd6ee55a624d2194e067b2e4a249184
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d830f64601ac1618901c7f019cdfa32c9e92125446a4b0bc62d8559fec908b1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6b13b1c0d3fef19b11ab7de7c79150094d513e9f624516427837def27395e3
31dfb7610d826d312c1720e980234de2269bedb09591f134f87ab8d6840ccb6c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3739254e267a5f9d7f1a73e7fcc4beb47c2eca194e3334519a078d9ba96f211d
37756fc4581c844e472ce599eb9ef847b6a668fadfaef9599b7ea9afceb54f46
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38b1c219fe6f56f32447651c708acb690e03ee0bfaf27fde08583ded31ae3e4e
399c127003488f2737c0e966d2a6cabf25ec632a7e94bb087d4f2df67566d4c7
3c7188156e3220b6c96061728d90cb3fd8e8b7a91f16d647c835fcd03efac081
3c7aa3ba0aeef9b70abc6a75639fdba23f7ab13491c22c9b91d5d34600eec809
3e84b01a19ac7035d8eb600f523ffdf05f8e6fd4ee6d09d4a3698812de4fca83
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6f0d34eeede8986915f7f53c76fd5e67e547d3c7320e3a05fb277fcc9895ad
41a0721c9b6ded37de01411d45b29a274d2fa94558ff36013277ac54452d30cf
42163a7c55b8f00f4276c06c1b47118dff268c8027b9b436efe5be5fbdd30cbe
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a81249aee7ad648940c03b47a8a08e59b0d480424c0815cca32573ead2bb116
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb51ef7c4c8f46e4a26dc7352da4f084ead0ff11931c0eaa7e6686ecf6662af
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
54f4d60f804042e75dd677b4f2cb57c5dd1744a8b2d4c4b2a42a6a04e88e0fad
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5a5e038b36adeb2c744322952e5fdb4a6f57acaef5b1109e480bce66c040efbc
5ae5c20828dd70814e9700d5acabb9a7c7403494da12620c36a03043ea9046b2
5ee3092d61a20c306ed5e87a9efaf4ce8e5481972ecdbd15027ec9794af6a5ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
661ef97c7583f3594bfd2b45dde7c3963e201000ed93abcde35ca4c0186197a6
683dfc6fcf043d7cd24d613bb25f2ec8ff0e5a6363675fda883073bdd107ef72
68735f7b79a4c29bb494587c67e67906047dbb800e66d50f67cd8963c459b4af
69740dde1b2dcafc780b3b79e4f41ac98d5aeb282cda3f68d961aded4d0d2eb2
69a28b5f7e8821e57c2e9edfa510684a25a95503b1ab7647826b786a312ade06
6c12a2e1c137d9d9a44b0066f5af75f857f02c1507853146687df8a74215be91
6e40e39ad2df24aef14900976dda5577cdf932ee9897044247ab20d6a5f1a4cb
6e488ad6c6b6afcaf4a252740b31d099a4b316c887566d61b3bd096fb066ab2a
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
77c753ede714812ca10e0b8a6f64e806aea2b9cc358a4d1e533e59f6b4f83f58
7a32386de5ea4faed6268eb9d003f8356e544cb1d000cb572ce22a35f4876f9b
7a6c4bddc35468138fa47f8f1f5d6cb90a9f9adbea24710b7373b89970d1575d
7b0f10808975bd483784cc8fed43fdbb331c09ad1ce1eff16a9d165441353149
7b5702e19970ce41380ca449d54519f428482977c78275255e909046ae97c445
7cbf0f8a8a0cfb31561ba78e03128c09a57beff4dd07f37f11a3b2f120705ca5
7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae
7e140f35e7c47baaf574e9321f534de355df62e958841f1900fe62e8cab897ec
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84affaaa12618c4c6301ebac4273d52f9aa3341ca6079187ac890587ba804c76
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89468aa9c0c7c94e7ccaeaf3a594f4c16c96f9e4db6137bb723b9544f4b7954a
89f11275ff9412091af4c4d1bf259628a23068f110414e343f61f4f0a8b1f8c7
8bd899fbb79026f90cc487cf6207cf11f5b2944ed6b42f450a1465348b5ca6f9
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e77aa0c8ce495b82e8c0cdb2da40716a5c84ab66a1ecf2e2b1adce2341da931
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d3e7b451fee60bcf5ba024566a2833a6acb01b42e5e8fff194a575a9a1b4cc7
9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c
9de2021984ff9e363c836f1f22aeed71a60a828dc57ac190995f92f143fd8f60
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9ef9c7fc84c9e8ee640336cc71ad7227f109bbe9bc61ce624251e478aa0b868c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a422c64bd8fab59b3ab1c52236045a176023a6cc43cebb3d5127e7754d3db2c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b6a9785aafa7a787e2cb2703ccd7616d5410b1a7b4132dfc675d0651d14096
a75db787fe2e0931fb103fabb0e91f90f6cb31186878fc5e5ae7470d2aadc0bc
a873d535434a6c7ad844ae74eb09ee80c749f1c8d5722dfe3c58c06c915b2b93
aa0d53d2b7c918d764f7ef97168ca41d32d37459eb29348a726c9f9b7cf51e6f
aa4eaf475d19a34d07ff14c8c3e3183cb520fefbdec3f51780aee70e2718ebf4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b243631b2049e2222ee338f14a169594a7e07fcaed5f24787c0b0b1bb3a5db0b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b67c8df9c85e5d0cc79b818c8ba67dd5b5646170488d095097c20152b590ba68
b8bc2b0c3cefbfe12f3fa652082bf50cf410c188eb00c33cf1fd158d349acefa
bb54a1ca8d95e65565fca53231136966271351688dd019e0c67916b66fd818ef
bbf9bb6a04e158a4259c7a1ddcccb460c069c95bd252bb1fd061a2a69d1bbf9d
c52686d553c6e2f85b272710c2b92bfcee879d16c73c021c9875c621da492738
c54adb030fc52ff4e772349c8c177258999bf2e0b009de0f80ff347068d407a0
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c8234095c4d6495e0588aff7b14132450368c3b9c3aac41ae556028742deb715
ca58a9825ad59de67df88a60b6bd38fddbfbf13d0ec427e06817463a25683ffa
cb2bbeec8eebaed8b14c525f1d293f824016b46c1df016710737a7dfc0711907
cb9070527089033a6a03cfa6dfdaa990dc773b5659cc68fc907f773673d2562b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1dd0e6a6732a80f3978c1d516a88afbd6b3b44f105209a4e036a07439c4e7e9
d8c4476bab111efd48e842ebb2618092008da3869f86314ece934c72dc9c599a
daaf43c79a78185d04589b7b3ef5348f98beba8e3edf78069418524cb18792f5
dc128e01895c3673761c6d95107a8bd3bf9605e6cc56cddbc3a242f7b3ff655a
de57e553119f7333a752226c60c6c16c3fadadf332928aee6e4e2181642ae361
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e25840c5281b7367276ccd9086150402ee584b32242fa0fce5a47b79a31f0b78
e34ac9a85c13a6454c8ee992fdbe204175d50f002e3a9380ab8090d5161a886a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444e8744871fda2c920b0526bd9eaee33660153dbe548cd5df4055d970b8d78
e49ed459f83ec18c1a47725c324859095471f1ba59c3f4ace7012db27a1a50ae
e4ae35cb48a049bfc6702536b8caee2523a58b6e0583a31d4cff3136b86c1a55
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ead4c1e570e25609250f45aa137be78bc15a59db3b314568b1e7e8e26c7faf
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8aad3edde45bb3026e34d765b4720fa7065399b7416577a58df93e74e35bf90
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ebc8684d747ecd45128ed71c873eb6b02b40e7345bf07a1a73f6ea1ce3c12a16
edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454
eed0bff3d70e8c7847c6ee8d9613f2abbdaae38d353e4a61583416ad90362bff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0de46f1ef430bf7d10806626320833bfb4909d0816538fb49de204620cf7158
f14bb5c3207a07c68b19decbc9b938753767535c2c1914da9cb8b2be6536b21c
f1ffbc84839ac4ef3032fd2bbc52f8543d09e414ce447528b36cb4c781b9f799
f626080b7691b566199c53e0d4bc86026350f8ccc728bc560e804c8eb7d84bd2
f8938364a937bacb16c27dd1f21d0d7c9e814b1e60ce0ada4b7e5b70bf99a280
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe145141adf7a295eb02f9ea18fdeb289330ce47fb5837927272ac21b6da4bbc
fe8237cfa6bab4b205320dc57775dc118244de737cf5b08047359195f5a07f55
fea60809cf148839eb77568352e7ef2d9b156db8978b64ae5bb5b16018a18f74