urlscan.io logo urlscan.io
SecurityTrails logo

www.op-seken.com Open in urlscan Pro
188.165.2.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.op-seken.com/
Effective URL: https://www.op-seken.com/
Submission: On February 01 via api from US — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 7 countries across 26 domains to perform 244 HTTP transactions. The main IP is 188.165.2.137, located in France and belongs to OVH, FR. The main domain is www.op-seken.com.
TLS certificate: Issued by R3 on December 22nd 2023. Valid for: 3 months.
This is the only time www.op-seken.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 94.23.159.185 16276 (OVH)
7 188.165.2.137 16276 (OVH)
1 172.217.16.202 15169 (GOOGLE)
8 188.114.96.3 13335 (CLOUDFLAR...)
3 178.250.1.3 44788 (ASN-CRITE...)
2 142.250.185.136 15169 (GOOGLE)
24 216.58.212.130 15169 (GOOGLE)
4 104.21.235.75 13335 (CLOUDFLAR...)
29 104.21.31.159 13335 (CLOUDFLAR...)
5 12 104.21.233.198 13335 (CLOUDFLAR...)
1 1 188.165.46.1 16276 (OVH)
1 54.38.45.96 16276 (OVH)
4 146.75.120.193 54113 (FASTLY)
1 162.159.128.232 13335 (CLOUDFLAR...)
1 162.19.58.161 16276 (OVH)
2 104.16.85.20 13335 (CLOUDFLAR...)
2 142.250.185.238 15169 (GOOGLE)
34 151.101.193.44 54113 (FASTLY)
1 2 142.250.185.104 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
2 178.250.1.8 44788 (ASN-CRITE...)
7 142.250.186.130 15169 (GOOGLE)
1 18.239.36.96 16509 (AMAZON-02)
1 188.114.97.3 13335 (CLOUDFLAR...)
5 178.250.1.11 44788 (ASN-CRITE...)
1 173.194.76.155 15169 (GOOGLE)
6 172.217.18.2 15169 (GOOGLE)
1 108.157.4.7 16509 (AMAZON-02)
12 142.250.186.162 15169 (GOOGLE)
6 142.250.184.193 15169 (GOOGLE)
2 142.250.186.106 15169 (GOOGLE)
3 142.250.184.227 15169 (GOOGLE)
21 216.58.212.161 15169 (GOOGLE)
3 23.197.120.249 16625 (AKAMAI-AS)
1 5 142.250.186.68 15169 (GOOGLE)
3 213.19.162.51 3356 (LEVEL3)
6 88.221.125.233 16625 (AKAMAI-AS)
3 213.19.162.57 26667 (RUBICONPR...)
1 141.226.228.48 200478 (TABOOLA-AS)
4 63.34.153.16 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
3 141.226.124.48 200478 (TABOOLA-AS)
8 151.101.129.44 54113 (FASTLY)
6 141.226.224.48 200478 (TABOOLA-AS)
1 141.226.224.32 ()
244 44
1    94.23.159.185 (London, United Kingdom)

ASN16276 (OVH, FR)
www.op-seken.com
7    188.165.2.137 (France)

ASN16276 (OVH, FR)
www.op-seken.com
1    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f10.1e100.net
ajax.googleapis.com
8    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
illiweb.com
3    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
www.googletagmanager.com
24    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
pagead2.googlesyndication.com
4    104.21.235.75 (None, )

ASN13335 (CLOUDFLARENET, US)
2img.net
29    104.21.31.159 (None, )

ASN13335 (CLOUDFLARENET, US)
i.servimg.com
12    104.21.233.198 (None, )

ASN13335 (CLOUDFLARENET, US)
zupimages.net
www.zupimages.net
1    188.165.46.1 (France)

ASN16276 (OVH, FR)
PTR: archive-host.com
www.aht.li
1    54.38.45.96 (France)

ASN16276 (OVH, FR)
PTR: filer-s2.archive-host.com
sd-g1.archive-host.com
4    146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    162.159.128.232 (None, )

ASN13335 (CLOUDFLARENET, US)
media.discordapp.net
1    162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu
i.ibb.co
2    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
www.google-analytics.com
34    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
imprnjmp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
ssl.google-analytics.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
7    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    18.239.36.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-96.ams58.r.cloudfront.net
cdn.viglink.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
connect.topicit.net
5    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net
stats.g.doubleclick.net
6    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googletagservices.com
1    108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net
comparisons.sovrn.com
12    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
6    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
2    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
3    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.gstatic.com
21    216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f1.1e100.net
tpc.googlesyndication.com
3    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
5    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
3    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
smarttag.rubiconproject.com
6    88.221.125.233 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-125-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    213.19.162.57 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
4    63.34.153.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-153-16.eu-west-1.compute.amazonaws.com
api.viglink.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
8    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
6    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-match.taboola.com
us-vid-events.taboola.com
1    141.226.224.32 (None, )

ASN- ()
cds.taboola.com
Apex Domain
Subdomains		 Transfer
53 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1024
trc.taboola.com — Cisco Umbrella Rank: 646
trc-events.taboola.com — Cisco Umbrella Rank: 2085
15.taboola.com — Cisco Umbrella Rank: 6237
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3780
images.taboola.com — Cisco Umbrella Rank: 1693
vidstat.taboola.com — Cisco Umbrella Rank: 3158
imprnjmp.taboola.com — Cisco Umbrella Rank: 9400
us-match.taboola.com — Cisco Umbrella Rank: 9552
wf.taboola.com — Cisco Umbrella Rank: 2974
us-vid-events.taboola.com — Cisco Umbrella Rank: 9164
vidstatb.taboola.com — Cisco Umbrella Rank: 4631
pips.taboola.com
cds.taboola.com
1 MB
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
550 KB
29 servimg.com
i.servimg.com — Cisco Umbrella Rank: 263467
2 MB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
516 KB
16 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2076
smarttag.rubiconproject.com — Cisco Umbrella Rank: 15241
eus.rubiconproject.com — Cisco Umbrella Rank: 579
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10108
token.rubiconproject.com — Cisco Umbrella Rank: 477
66 KB
12 zupimages.net
zupimages.net — Cisco Umbrella Rank: 47313
www.zupimages.net — Cisco Umbrella Rank: 52122
1 MB
8 illiweb.com
illiweb.com — Cisco Umbrella Rank: 288707
40 KB
8 op-seken.com
www.op-seken.com
133 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
gum.criteo.com — Cisco Umbrella Rank: 423
8 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
282 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
5 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 11138
api.viglink.com — Cisco Umbrella Rank: 17825
31 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
ssl.google-analytics.com — Cisco Umbrella Rank: 570
region1.google-analytics.com — Cisco Umbrella Rank: 2029
39 KB
4 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7298
21 KB
4 2img.net
2img.net — Cisco Umbrella Rank: 251829
4 KB
3 gstatic.com
www.gstatic.com
17 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
42 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
36 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
149 KB
1 sovrn.com
comparisons.sovrn.com — Cisco Umbrella Rank: 19827
4 KB
1 topicit.net
connect.topicit.net — Cisco Umbrella Rank: 595617
2 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12114
7 KB
1 discordapp.net
media.discordapp.net — Cisco Umbrella Rank: 5975
7 KB
1 archive-host.com
sd-g1.archive-host.com
7 KB
1 aht.li
www.aht.li
330 B
244 26
Domain Requested by
29 i.servimg.com www.op-seken.com
24 pagead2.googlesyndication.com www.op-seken.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
21 tpc.googlesyndication.com googleads.g.doubleclick.net
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
www.op-seken.com
pagead2.googlesyndication.com
14 cdn.taboola.com www.op-seken.com
cdn.taboola.com
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
10 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
8 illiweb.com www.op-seken.com
8 www.op-seken.com 1 redirects www.op-seken.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 www.zupimages.net www.op-seken.com
6 eus.rubiconproject.com smarttag.rubiconproject.com
eus.rubiconproject.com
6 www.googletagservices.com www.op-seken.com
googleads.g.doubleclick.net
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
5 www.google.com 1 redirects tpc.googlesyndication.com
5 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.taboola.com
5 zupimages.net 5 redirects
4 us-match.taboola.com vidstat.taboola.com
4 images.taboola.com cdn.taboola.com
4 api.viglink.com cdn.viglink.com
4 trc.taboola.com cdn.taboola.com
4 i.imgur.com www.op-seken.com
4 2img.net www.op-seken.com
3 ch-trc-events.taboola.com cdn.taboola.com
3 beacon-ams3.rubiconproject.com 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
3 smarttag.rubiconproject.com ads.rubiconproject.com
3 ads.rubiconproject.com 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 static.criteo.net www.op-seken.com
2 pips.taboola.com cdn.taboola.com
2 vidstatb.taboola.com
2 us-vid-events.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 imprnjmp.taboola.com vidstat.taboola.com
2 15.taboola.com cdn.taboola.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com static.criteo.net
2 ssl.google-analytics.com 1 redirects www.op-seken.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.jsdelivr.net www.op-seken.com
2 www.googletagmanager.com www.op-seken.com
www.googletagmanager.com
1 cds.taboola.com cdn.taboola.com
1 token.rubiconproject.com eus.rubiconproject.com
1 trc-events.taboola.com cdn.taboola.com
1 comparisons.sovrn.com cdn.viglink.com
1 stats.g.doubleclick.net www.op-seken.com
1 connect.topicit.net www.op-seken.com
1 cdn.viglink.com www.op-seken.com
1 region1.google-analytics.com www.googletagmanager.com
1 i.ibb.co www.op-seken.com
1 media.discordapp.net www.op-seken.com
1 sd-g1.archive-host.com www.op-seken.com
1 www.aht.li 1 redirects
1 ajax.googleapis.com www.op-seken.com
244 55
Subject Issuer Validity Valid
dom20231222-1.forumotion.net
R3		 2023-12-22 -
2024-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
illiweb.com
Cloudflare Inc ECC CA-3		 2023-05-16 -
2024-05-15		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
2img.net
Cloudflare Inc ECC CA-3		 2023-04-05 -
2024-04-04		 a year crt.sh
servimg.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
discordapp.net
Cloudflare Inc ECC CA-3		 2023-09-03 -
2024-09-02		 a year crt.sh
ibb.co
R3		 2023-12-09 -
2024-03-08		 3 months crt.sh
zupimages.net
E1		 2023-12-14 -
2024-03-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
viglink.com
Amazon RSA 2048 M02		 2023-09-13 -
2024-10-11		 a year crt.sh
topicit.net
Cloudflare Inc ECC CA-3		 2023-06-04 -
2024-06-03		 a year crt.sh
comparisons.sovrn.com
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://www.op-seken.com/
Frame ID: 22DE2D558CE03B184494D6C0EF07DD7B
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html
Frame ID: ED446CEA3430349560EC38B82AF5EA52
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.op-seken.com
Frame ID: F28F4E6BA8048B72DC058D04C18B39A0
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F371FAAEB93F38C037CB0B6CAB2906FC
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 5DEE93CA626E335B47096EF875879062
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C40781E1F1677500C8DA74C4848DD0CD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0339214227387817&output=html&adk=928853944&adf=4192467092&lmt=1706807237&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Fwww.op-seken.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706807238724&bpp=2&bdt=782&idt=299&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2329174294865&frm=20&pv=2&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=852493385&ga_fc=1&u_tz=-60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C95321963%2C95321867%2C95323004&oid=2&pvsid=1845510207498919&tmod=1937710348&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 5D50BF6D35BEF6611206AD419FB43665
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0339214227387817&output=html&h=600&adk=2895525296&adf=2239707850&pi=t.aa~a.3018774289~i.4~rp.1&w=210&fwrn=4&fwrnh=100&lmt=1706807237&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1777309155&ad_type=text_image&format=210x600&url=https%3A%2F%2Fwww.op-seken.com%2F&fwr=0&pra=3&rh=175&rw=210&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706807239690&bpp=1&bdt=1748&idt=-M&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2329174294865&frm=20&pv=1&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=852493385&ga_fc=1&u_tz=-60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C95321963%2C95321867%2C95323004&oid=2&pvsid=1845510207498919&tmod=1937710348&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Frame ID: 7149C44BE708F744B9D9C337C21A0508
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0339214227387817&output=html&h=240&adk=3486857928&adf=1692668228&pi=t.aa~a.4150590487~i.3~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1706807237&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1777309155&ad_type=text_image&format=275x240&url=https%3A%2F%2Fwww.op-seken.com%2F&fwr=0&pra=3&rh=246&rw=295&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706807239690&bpp=1&bdt=1748&idt=1&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C210x600&nras=3&correlator=2329174294865&frm=20&pv=1&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=852493385&ga_fc=1&u_tz=-60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=715&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C95321963%2C95321867%2C95323004&oid=2&pvsid=1845510207498919&tmod=1937710348&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=8
Frame ID: 61D298C7C1E25CE0C6D48A3CFE0FE238
Requests: 1 HTTP requests in this frame

Frame: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E261A087A1AD74F7ED20DB1D1ED90A0D
Requests: 1 HTTP requests in this frame

Frame: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D8AB826B2AFFAEA61A1005EF1533CB23
Requests: 1 HTTP requests in this frame

Frame: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9046A8D71133A82EDAF6BCA6718D4A8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 60ACF5D4E13EBF4E147EE9F33D42E5DE
Requests: 6 HTTP requests in this frame

Frame: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 50E3ACB0319DC02934B1F9D92D2E043F
Requests: 32 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400
Frame ID: 9A72ADEEE39D7610765B587C21E50517
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AEE5A58376BCD56439F0ED4CADB566BD
Requests: 2 HTTP requests in this frame

Frame: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D40DB7AFEC9B33F724EFDB09791083BE
Requests: 10 HTTP requests in this frame

Frame: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CF26A827128983C5B1C26506413D9569
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D35329475CBC4147912A64BFC2720A2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A056756109D79F621E1359620B975D1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48C7540DB0583EE35192E5BD4D7DD4E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B56A4AF249B9567D6D82FC55E430F47A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60A24B21397AAC0106057901C3528C87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 708BB6FBD3BC3267F4E6A7C7C42D7021
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 4ACC9EA241999682E1687F77730C558B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Frame ID: 93D4B2D080A51EF71F3B10A8B39761DE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Frame ID: 26502605B64A2A8A936ACCFB227F234E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Frame ID: BA8B68B11BD504D6D29FC97FAEC58120
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7323BB39ACAFDCD1C84E3F00DFC6396D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 373D34B35A2E9DCEF0F25478E5A59041
Requests: 2 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=5974485&dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&cmcv=&pix=undefined&cb=1706807242286&uv=3374&tms=1706807242286&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!uf1p_vA!ufm&ru=https://www.op-seken.com/&ft=2&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ae40df39-03dd-415f-9986-0360a6528142&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 810ADE91B2B957A4DB96CF2D6241AE2F
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: C967F3B4B8B8395C1C3823D8A149E187
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=5974485&dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&cmcv=&pix=undefined&cb=1706807242317&uv=3374&tms=1706807242317&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vB!ufm&ru=https://www.op-seken.com/&ft=2&unm=WIDGET_ITEM&aure=false&agl=1&cirid=dc229410-00e5-4206-b4d2-48ad4ea896c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 146BBAFBD6AD31FAF55BF6AAA08D0DBE
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: A22D6EBB7669BA6CD7F6736E3E1CE785
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8FD8B36BC0534F045BFB904E42245F9D
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 828D7B9F0CD31CAEC3BD7A73BFB06BF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Forum Rôle Play : One Piece Seken

Page URL History Show full URLs

  1. http://www.op-seken.com/ HTTP 301
    https://www.op-seken.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

244
Requests

97 %
HTTPS

0 %
IPv6

26
Domains

55
Subdomains

44
IPs

7
Countries

6991 kB
Transfer

15055 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.op-seken.com/ HTTP 301
    https://www.op-seken.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://zupimages.net/up/21/29/7210.png HTTP 301
  • https://www.zupimages.net/up/21/29/7210.png
Request Chain 22
  • https://www.aht.li/3202422/SHAM_PA.css HTTP 302
  • https://sd-g1.archive-host.com/membres/up/e2ab7c6f0c5541d509ba8775a99136cd9309b0b7/Codage/PA/SHAM_PA.css
Request Chain 30
  • https://zupimages.net/up/21/29/29ao.png HTTP 301
  • https://www.zupimages.net/up/21/29/29ao.png
Request Chain 59
  • https://zupimages.net/up/21/29/uuh7.png HTTP 301
  • https://www.zupimages.net/up/21/29/uuh7.png
Request Chain 60
  • https://zupimages.net/up/21/29/31ji.png HTTP 301
  • https://www.zupimages.net/up/21/29/31ji.png
Request Chain 76
  • https://zupimages.net/up/21/29/edyx.png HTTP 301
  • https://www.zupimages.net/up/21/29/edyx.png
Request Chain 81
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1707258513&utmhn=www.op-seken.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Forum%20R%C3%B4le%20Play%20%3A%20One%20Piece%20Seken&utmhid=852493385&utmr=-&utmp=%2F&utmht=1706807238972&utmac=UA-64836955-1&utmcc=__utma%3D122785365.1911416362.1706807239.1706807239.1706807239.1%3B%2B__utmz%3D122785365.1706807239.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=3961708&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64836955-1&cid=1911416362.1706807239&jid=3961708&_v=5.7.2&z=1707258513
Request Chain 126
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

244 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.op-seken.com/
Redirect Chain
  • http://www.op-seken.com/
  • https://www.op-seken.com/
131 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
195c5964d47cdb48f7db6a2df54b19165d2ce9f698dabe81333f5cdd727af473
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 17:07:17 GMT
expires
Thu, 01 Feb 2024 00:00:00 GMT
last-modified
Thu, 01 Feb 2024 17:07:17 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
vary
User-Agent
x-content-type-options
nosniff
x-xss-protection
1

Redirect headers

content-length
0
date
Thu, 01 Feb 2024 17:07:17 GMT
location
https://www.op-seken.com/
10-ltr.css
www.op-seken.com/ 		172 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.op-seken.com/10-ltr.css
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
aeac572638db43cfeca3ae0a3e708ed051b42341f5823725bdaa03a8e307e049
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:17 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Feb 2024 00:00:00 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-cache-ma
HIT
content-length
61021
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f10.1e100.net
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 15:18:38 GMT
fr.js
illiweb.com/rs3/80/frm/lang/ 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/lang/fr.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4487b64fd8d779b738404d215a2af5a084edc3191f6206864cf556cf025058ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5651113
cf-polished
origSize=73951
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
cf-bgj
minify
last-modified
Tue, 16 May 2023 15:02:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um8nZToiO7ANKJ897BeIFzkw3A5aeHdk9rQKEjU%2Bc6z5GYosCnvAjIknGZlCZL0BRtCpQy04Rucrg913U3XAl4Pd2Il9vREI28r1UyBkXtgUDR6SFkPeOXyseJ9EYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608fa8684-MAD
expires
Wed, 27 Nov 2024 07:22:05 GMT
99920.js
www.op-seken.com/ 		495 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.op-seken.com/99920.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
beb3a38a6585a3d2897f5177d6885637c396b6a52032f5a8ade3f16c695aed14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jan 1970 00:15:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-cache-ma
HIT
content-length
187
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
10897.js
www.op-seken.com/ 		580 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.op-seken.com/10897.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a32c3737c5f7c4b2318e414a9070d3eab3297edd2b10c181d8effa39da5d5bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 24 Jul 2021 20:51:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-cache-ma
HIT
content-length
293
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
12545.js
www.op-seken.com/ 		276 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.op-seken.com/12545.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c15429e08c9db9f87283d566cb5bda9663b1fa394452c8eb0d63f38c54394a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Jan 2023 19:25:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-cache-ma
HIT
content-length
163
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
publishertag.js
static.criteo.net/js/ld/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
828767fbeb1fd6669664e2017314c590e3ed617df4a258a6ad788f8328c37999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-1fcd8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:07:18 GMT
js
www.googletagmanager.com/gtag/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144388882-1
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e4d290944894c7b267ef16999d322ba3a27ece68927fa5eb983751320a8f3da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69898
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 17:07:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
23165508a29c3f5eb3ce98bc28d3dec9a879b796249cedb65a287de1038a68d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51377
x-xss-protection
0
server
cafe
etag
5544148046709850421
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 01 Feb 2024 17:07:18 GMT
jquery.cookie.js
illiweb.com/rs3/80/frm/jquery/cookie/ 		1011 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/jquery/cookie/jquery.cookie.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5568984
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
cf-bgj
minify
last-modified
Wed, 09 Sep 2020 09:40:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l3GJ%2Bdy%2Fg2eKVf5o0yEvpRe8jTyyDQbUyNOym%2FDMyzagcBU7rF1YbxlxLaUID4KykIcbHzVh1vtoh8hUC%2FedPFWi0k7Cd2MRLDRRSWCje%2BvA3thq659lcZPeVX%2BBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608fd8684-MAD
expires
Thu, 28 Nov 2024 06:10:54 GMT
tooltipster.js
illiweb.com/rs3/80/frm/mentions/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/mentions/tooltipster.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3583966
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
cf-bgj
minify
last-modified
Tue, 27 Aug 2019 14:00:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy90nfsjwp1MN7AGV%2FMZd8A046OEPIA5EL55WcRXCllKhilUYYpje4IxSeYV2YaN2Hhbvrz2U5HKrbStDaZSKwMm0TLQs%2FQrEr5IfvBYIP%2BanfM1Blmf%2BxAuB3cC6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608ff8684-MAD
expires
Sat, 21 Dec 2024 05:34:32 GMT
init.js
illiweb.com/rs3/80/frm/mentions/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/mentions/init.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5570559
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 14:29:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRnWKsYDDAzgBRiqcoRC0TV9fY2cOw7Cq8Cv0w6fN4jG9yCnEsmGj4xdKJoEcttZq7LCR12Uj4BoQ4jTctWjc4%2Bex8LFYKZBAqaL8ioMumZTOuowjntvdx%2FkQuS2bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608f58684-MAD
expires
Thu, 28 Nov 2024 05:44:39 GMT
FAToolbar.js
illiweb.com/rs3/80/frm/jquery/toolbar/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/jquery/toolbar/FAToolbar.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5655359
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
cf-bgj
minify
last-modified
Mon, 13 Mar 2023 14:51:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LY4pJwYnu2bVu4fUPpoogJHRvboDB4Sm5I83OCQDpSnYTxD%2BJaLPAeIBlbkTTIaq1NqIesfcUwnMcbEUFQlHTcg4vBIwkzTY8kANo6%2F4cuM3rwJnC6K5VAViuTRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608f78684-MAD
expires
Wed, 27 Nov 2024 06:11:19 GMT
tooltipster.css
illiweb.com/rs3/80/frm/mentions/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/mentions/tooltipster.css
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5655359
cf-polished
origSize=6667
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
cf-bgj
minify
last-modified
Tue, 27 Aug 2019 14:00:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvFa2vii422vLnZUH7otRV2nRXPN8uMxKq1uH5grHXKudK7kgtXcU%2FiyJI86p0BWuam9bogiNT9QfgO1KkbVyqI1QhG%2FAICGB1a%2FbHlqXOEVb0%2FE%2FOy14XXVHWPDIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608f48684-MAD
expires
Wed, 27 Nov 2024 06:11:19 GMT
twemoji.min.js
illiweb.com/rs3/80/frm/twemoji/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/twemoji/twemoji.min.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5649502
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
last-modified
Tue, 10 Jan 2023 08:34:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHqi4Sf0Z%2FqTbc3f1y6ATbj0PuPpKGDgsl9movbeJ%2F4eLygkzfQl436P1THINKHkUzMQlk456sssqoulnVbPzTgDpDqpcLzLtPukBg2LKn4y8M2XqWB%2BFw1AU2mAsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3608f98684-MAD
expires
Wed, 27 Nov 2024 07:48:56 GMT
empty.gif
2img.net/i/fa/ 		42 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/empty.gif
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5446515
alt-svc
h3=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg5YfFlZQ3TXXBR64NscnMQaSQ88jYkvcM8I9ooySlOqseojzCujeGDOaRGTE5AD6gYpNp1K6A2hJi0lmHV3ldKEgW5PAcK07o5JtKrJJqbxliac5CXy0sJ%2Fbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84ebca36188860c3-MAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
empty.gif
2img.net/i/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/empty.gif
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5616195
alt-svc
h3=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
last-modified
Mon, 09 May 2016 08:45:50 GMT
server
cloudflare
etag
"57304e3e-2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65woRjL504z7lhsg4q4M9bbfiPqTvGlSZFgPOXaPIJlnblU75YG77IrxDdinoZgd2n%2BMGSpacVqm3X9i3qirPkomEXyzix%2BHWbpox7gvOit3JP%2BLb8MZPBPCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84ebca37cb4860c3-MAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
up11.png
i.servimg.com/u/f79/20/35/30/34/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/up11.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2000293b9d93e2ce2c4d547ff1d9cc848e64f20c9673f48560f41cfc0cffc14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6230
x-xss-protection
1; mode=block
last-modified
Wed, 21 Jul 2021 23:55:06 GMT
server
cloudflare
etag
"60f8b3da-1856"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB5g%2ButxG3aogOKRBEXyN86cz1Idh0BVkJn%2BuYQ6PGlJXvkTT2smrSgxPxhCOsmUCSPHryvQ7LTCbv1iINIz%2FP7pUbxV4KcwjS5J4hyaR6ZwGWPAKq7iRiMhw%2FWZXn9t"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca387c8574e0-MAD
expires
Wed, 29 Jan 2025 13:08:39 GMT
down11.png
i.servimg.com/u/f79/20/35/30/34/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/down11.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d631ee878ada2beba76942d8fb00eb60edaa5538d2925541e7174b7c5b1bb49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6357
x-xss-protection
1; mode=block
last-modified
Wed, 21 Jul 2021 23:55:06 GMT
server
cloudflare
etag
"60f8b3da-18d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llZhzsnqxdsda2WdBTAr%2BnuBBmNdNC4s1sXpIiKFfCrdbUj0fZTueKrgQF1uqqJfMCboaaNudrXw6sixSu4BeKpJ9CsqUVjdxcFrlAfIHV2TU0tNPs3dRUn56JCRjVKx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca387c8874e0-MAD
expires
Wed, 29 Jan 2025 13:08:39 GMT
logo0312.jpg
i.servimg.com/u/f79/20/35/30/34/ 		553 KB
554 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/logo0312.jpg
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87479f2b3cbd4f3c20abc5722fec3de876ea01866ed76756eb7bf5febfd19c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
565978
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jul 2021 02:57:35 GMT
server
cloudflare
etag
"60e7bb1f-8a2da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyk5WXLrzydMFbXRXxpHf4E%2BptbjxzWLCAciZj1n09b6j8NCuSt%2BZzHABGiOSc4aZSrBH%2B1GuvahrzmBeWrV%2BWiWkUtiq7BlKvZxRWH7QDnuktuph5k%2BGh5O%2F%2BG6N9ZV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca387c8974e0-MAD
expires
Fri, 24 Jan 2025 06:04:35 GMT
jquery.marquee.min.js
illiweb.com/rs3/80/frm/jquery/marquee/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/80/frm/jquery/marquee/jquery.marquee.min.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5660567
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
EXPIRED
last-modified
Tue, 27 Aug 2019 14:00:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnMeHMrOh%2Bkof0hr87vWjWgvuIa81P3taiweJP0%2B6gcK7alkuSjzmv9YkQqqzoqNQS4HDo0FK8hqFz9JyRQY86jNnALWTKt9iivi3iGRrEQFQIbj6WHzPRqLaa06gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
EXPIRED
cf-ray
84ebca3669ab8684-MAD
expires
Wed, 27 Nov 2024 04:44:31 GMT
7210.png
www.zupimages.net/up/21/29/
Redirect Chain
  • https://zupimages.net/up/21/29/7210.png
  • https://www.zupimages.net/up/21/29/7210.png
224 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/21/29/7210.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a43615aec07695acd12b335bd5e354d23593601daace93df7fd84d885545255f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUi5d13RJIzMH6wSTsfVU08%2ByeUrG%2B0Jjw8SeRofwj51C4B1R4Feav8pmMOoKVrvWRhHgtRrB9cmbMQJ17fBXPL5cK0Hs%2FFjKhQFEF1iUJTD9oyu8v1%2F0rnK0cujdQq%2BnV3aDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="7210.png"
cf-ray
84ebca390d7d03fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 01 Feb 2024 17:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHtDGhu4Z%2BNno76kZECjBRjYWXNFmz0Eqvi1Hh28a20JPKOArWvJPu1iLKnH%2F8d0TWS9h%2FXmw7%2Bo9l2slOm4cJ6CWt8HTdSNnxe82mYlU3NUnRfYioqgqXOHNHzroEQ9"}],"group":"cf-nel","max_age":604800}
location
https://www.zupimages.net/up/21/29/7210.png
cache-control
max-age=3600
cf-ray
84ebca389c8c03fe-MAD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 18:07:18 GMT
SHAM_PA.css
sd-g1.archive-host.com/membres/up/e2ab7c6f0c5541d509ba8775a99136cd9309b0b7/Codage/PA/
Redirect Chain
  • https://www.aht.li/3202422/SHAM_PA.css
  • https://sd-g1.archive-host.com/membres/up/e2ab7c6f0c5541d509ba8775a99136cd9309b0b7/Codage/PA/SHAM_PA.css
7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sd-g1.archive-host.com/membres/up/e2ab7c6f0c5541d509ba8775a99136cd9309b0b7/Codage/PA/SHAM_PA.css
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
HTTP/1.1
Server
54.38.45.96 , France, ASN16276 (OVH, FR),
Reverse DNS
filer-s2.archive-host.com
Software
Archive-Host serveur FILER-S2 /
Resource Hash
d56b398ad69f7232bedfb0df3bafe2626d06c9306cacf9d4e1d8b88e4e168d84

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:07:18 GMT
Last-Modified
Wed, 21 Mar 2018 09:30:31 GMT
Server
Archive-Host serveur FILER-S2
ETag
"3305474768"
Access-Control-Allow-Methods
GET, OPTION
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
6712

Redirect headers

Date
Thu, 01 Feb 2024 17:00:33 GMT
Server
Apache
X-Powered-By
PHP/5.3.29
Content-Type
text/html
Location
https://sd-g1.archive-host.com/membres/up/e2ab7c6f0c5541d509ba8775a99136cd9309b0b7/Codage/PA/SHAM_PA.css
Connection
Keep-Alive
Keep-Alive
timeout=5, max=1000
Content-Length
0
pageac14.png
i.servimg.com/u/f79/20/35/30/34/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/pageac14.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1c9e0573f458da46fefcfdc8a8b60e52c6b2b1890b6e21f507850ed9b71bf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
25699
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jul 2021 23:23:05 GMT
server
cloudflare
etag
"60f9fdd9-6463"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2FFSKkq28X53sDVkpg2rSo5f%2B8K4I4uqaKIMIZjN984CaMeWBkHF9viRFFv8qMCO6eipX71f11HhH0%2FsD87BVecPC7dWMqHE5cIdAICCEf7KYt9Wyom4iYSc7aLIVhk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca387c8b74e0-MAD
expires
Wed, 29 Jan 2025 18:29:32 GMT
pageac13.png
i.servimg.com/u/f79/20/35/30/34/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/pageac13.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5c8a09562acc089e53a4885ca0531e9794bc7c75c438d24939048e97fccbef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
43055
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jul 2021 23:03:16 GMT
server
cloudflare
etag
"60f9f934-a82f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZKxl3%2BZeEvmJqI5JE3IL9YaPqZYVZtol13sx%2BJpwQ%2Fc1LKlDyiWjh1ZtO7NvXFVyPfMzrB1%2BXF6Bzuu84cCDvl%2BcJWegLA97iqjF%2BuU8GkfzWatVbMjU%2FTPk39Vs2M%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca387c8c74e0-MAD
expires
Wed, 29 Jan 2025 15:48:25 GMT
pageac12.png
i.servimg.com/u/f79/20/35/30/34/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/pageac12.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7af3121e200f69273d3f46301d22be621a238ecf000ed803c9ba3b9a005b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
49528
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jul 2021 22:41:01 GMT
server
cloudflare
etag
"60f9f3fd-c178"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYySp9ApOkla2gzvPgj6me3T2gaTAr8K0CN5JEf1i33Nb6MK1tBgE8wSLGTJ2foloVqhfkAtclE5jI4KLcaJljm2%2BS8ZLRxzLJ4Ma1%2F04Bvu1GkrVE6AWfSqc0SQUURz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca387c9074e0-MAD
expires
Wed, 29 Jan 2025 15:48:26 GMT
pageac11.png
i.servimg.com/u/f79/20/35/30/34/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/pageac11.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b2e1a1c83d0967b70d7ae20a083652d848ee27eac7aaf6cd44a2988ffbed43a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33424
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jul 2021 22:41:01 GMT
server
cloudflare
etag
"60f9f3fd-8290"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yDk3svfyVOB8K5FhE8DYOAjnzU4PHhyotGNVHhSRg45THIL%2BkThXYMb8zvp21JWwZhz%2BmHE352VHGqr9sBKraDUqEGOZv%2FgompkJ86fbzT2nSQmL8Of86c0kgaqUIZY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca38ace174e0-MAD
expires
Fri, 24 Jan 2025 16:53:03 GMT
0000118.png
i.servimg.com/u/f98/19/78/78/14/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f98/19/78/78/14/0000118.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50961ce813f62e93c1c34226125aba7d61d8d2c1cdbcc17e3548f0d907d72ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
966
x-xss-protection
1; mode=block
last-modified
Sat, 06 Nov 2021 10:15:13 GMT
server
cloudflare
etag
"618655b1-3c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8RecMG3n%2BzTqDcNToH3RK6Hd4%2BjCqekWkDEzAdCzg0H2Sz1s4DhLnMgDvFyzHUEgUFX5NTewXpmr2qkb46fhrnKJdN15t7VtM0HYAu7PkISYT%2BzZ4x%2F%2Fpg3oyeI0Wx0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca38ace474e0-MAD
expires
Wed, 29 Jan 2025 15:48:26 GMT
pageac10.png
i.servimg.com/u/f79/20/35/30/34/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/pageac10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5835b472a02709b7955b0478e6c11f402cb03e2e132cb1f73fbec75c3ac6f434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
30555
x-xss-protection
1; mode=block
last-modified
Thu, 22 Jul 2021 22:41:01 GMT
server
cloudflare
etag
"60f9f3fd-775b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDNXmsD%2B0f8NEFhpNLRhrk1Bnmdy33HKZODUbclBNGBc0CykHL51fVVx91u0ZWdY9yhNpnoJO0ktQigxu2P9vRAh1J3r7YLfm67zUamB6CdFG47z8JcSwLcuKOCsq1uU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca38cd1774e0-MAD
expires
Wed, 29 Jan 2025 15:48:26 GMT
0000318.png
i.servimg.com/u/f98/19/78/78/14/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f98/19/78/78/14/0000318.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a931f46d9166bc8495323af5703d55118a83b54c1bf527d1b99813c231ed79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
108942
x-xss-protection
1; mode=block
last-modified
Thu, 03 Nov 2022 20:30:20 GMT
server
cloudflare
etag
"636424dc-1a98e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojUO3pFViSznKaOzDyv0SaLQrO%2FwHh01rwyn7zSDGzqGQqI8M8RXwBGbzidNec8m67wnqKcX5BzlrKuBCKyVSXqwlcMnsbdeAM57LXafUqirGmHTehGGItn%2FgVFBPKf7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca38cd1974e0-MAD
expires
Wed, 29 Jan 2025 15:48:26 GMT
29ao.png
www.zupimages.net/up/21/29/
Redirect Chain
  • https://zupimages.net/up/21/29/29ao.png
  • https://www.zupimages.net/up/21/29/29ao.png
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/21/29/29ao.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c156925f01bf6c4c8c200457e8ca51005e2a6e3f782e08846a1fb2a391d6d2e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:26:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4ST2rUvVMGg6Js4u6ytk5QWyAthvzt07rhOUrZckHb09zWfNn9OPydqrorNRnn8wUymmT0cWPwIOgm9v70dqgFPG3c3ulK0i%2FSIMvj%2BSiF8gVldOaHSZXYvFfpj8akYtzoKPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="29ao.png"
cf-ray
84ebca390d8403fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 01 Feb 2024 17:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u8RDRfsLUQmn3e4UpekgrtYmmjStv%2FUufU5soJJpQvlwqyHNXON7jOgK9Tl4tpcdzkAWeWs4AMnReyfFOyi5EzX7FXYhCXrJ5%2FVvarXMpSFP83cCVkC2As%2FL%2F6NTgWe"}],"group":"cf-nel","max_age":604800}
location
https://www.zupimages.net/up/21/29/29ao.png
cache-control
max-age=3600
cf-ray
84ebca389c8e03fe-MAD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 18:07:18 GMT
4Mb4hy0.png
i.imgur.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/4Mb4hy0.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4414c9b51a0fa6a9c5b1ed99a5bfc65044a8b525b4ff92e1167299a46c4f8a3e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
4830120
x-cache
Miss from cloudfront, HIT, HIT
content-length
3586
x-served-by
cache-iad-kjyo7100105-IAD, cache-fra-etou8220061-FRA
last-modified
Sun, 01 Sep 2019 17:04:58 GMT
server
cat factory 1.0
x-timer
S1706807239.588950,VS0,VE1
etag
"014fe643b22aee2f0486c8df5da11776"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f2NreDEg7XS7XHzfuxSSeGEqigwumCX8WTJqC5NrDEuD3aTHcZg9qg==
x-cache-hits
3, 1
unknown.png
media.discordapp.net/attachments/894249314690416670/894863270203256872/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/894249314690416670/894863270203256872/unknown.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccbae6ac935132b577ba081acc709b6cf29777fcb81635c889341c01bb2364ca

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 08:27:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWvcrQcfONrpJRPO7D16ONkNZoiDXgnQHjQ6XMW7n1vPK4%2B2%2Flz2sI5AA1poHyk7CmF6cymizZqha%2FXVqpraF%2BgHFtihrECLjI%2BetUUXb4ilhVyG0q7iaWVugrZteHp7UFy9m%2BDA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes, bytes
cf-ray
84ebca389a5d6936-LIS
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
content-length
6194
expires
Fri, 31 Jan 2025 17:07:18 GMT
bouton13.jpg
i.servimg.com/u/f39/17/38/60/46/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f39/17/38/60/46/bouton13.jpg
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee1767e54f583a814728f38b09c7ec7689ec1ee947fc5afda4ea0edebbee771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18334
x-xss-protection
1; mode=block
last-modified
Tue, 08 Jul 2014 13:50:22 GMT
server
cloudflare
etag
"53bbf71e-479e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7rI518QUxkteu%2BRl3ruW%2F7OaLSEVL0Y7zp%2FNfjPgpo8F9oqixl1tqQnwLY2DmijFajEfwlb5Iol3FMgjiapmelBsDWeQ1MqdhqFle3QpWSl6J709M6AZt8PO198D2pS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca38cd1a74e0-MAD
expires
Wed, 29 Jan 2025 14:46:44 GMT
88x31.png
i.ibb.co/tQypGvH/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/tQypGvH/88x31.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
ea8f6795f50317f065b87a204889735f8ea7071ac5f0024d9def8262de7063a0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
last-modified
Thu, 01 Jul 2021 12:40:22 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6682
expires
Thu, 31 Dec 2037 23:55:55 GMT
heua.png
www.zupimages.net/up/21/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/21/08/heua.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c351a9d6adfcce879874b9a424c41a37447a61e0cbc642ae93bad8e142ff4a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNJEmzGUdSgH6QWZRKWyeqAMjDT8O9wd2FG6iUCY9Mjflkp18R19Orm7myiyWgVc9ieHerN73lt7qGIn37L%2B0LNOQhVhbTRsFWbeR5%2B6RNMqS0xATTPaarz9sZoZyZmClGaWNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="heua.png"
cf-ray
84ebca399e8103fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
ae88x310.png
i.servimg.com/u/f45/18/07/10/40/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f45/18/07/10/40/ae88x310.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d744a7b07a492d4769e9b44c87e4023dc352aee9ac2c4a9a92ee1f01f17c1f26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5149
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 13:03:39 GMT
server
cloudflare
etag
"619ce6ab-141d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq11lY%2FvPlxO1owVhR00JLOBNxKq%2BAbNFnDKg%2Fj73sPKWZDUGhl6d3eXjpKid%2FAWMGX6W4Vj2lN8C1Oyat7oFS0uEBByEpaf58FqTbgcqvDdrQ4YN%2ByPP2JT4ia0zWnI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca399e8674e0-MAD
expires
Wed, 29 Jan 2025 17:56:09 GMT
SRw7Vty.jpg
i.imgur.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/SRw7Vty.jpg
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8f69cd37684d5c43a15d64f0ce5c388b366364d7228beba90e9f489b87d2511a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-C4
age
4945855
x-cache
Miss from cloudfront, HIT, HIT
content-length
5459
x-served-by
cache-iad-kjyo7100049-IAD, cache-fra-etou8220061-FRA
last-modified
Tue, 29 Sep 2020 08:19:20 GMT
server
cat factory 1.0
x-timer
S1706807239.668971,VS0,VE1
etag
"47d9db8953dc73e8ce2e99335ac3ac67"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yu9EEdjv-N9n-CE_9QWiufwbkLzLsQv3OvPdj9N_u1txm9kYTRfpCg==
x-cache-hits
6, 1
ys59.png
www.zupimages.net/up/19/44/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/19/44/ys59.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff800babf67b069193af1b7442f250df9823fac5adda2698653229b0901ba3d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5wX%2B%2BpLPhxn%2FBeyrlV4U9sunAiHg%2F6xroUZSF0X%2F16E%2BgvODn81LGdRYUR9tE5hx0LVlDxGbAVfF1QS5CzplRX%2FlGBEw7mpBC1PZj679bH8fcQhUeaZTb3JSysVeq3glcQsJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="ys59.png"
cf-ray
84ebca39ae9603fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
5YjkFxz.png
i.imgur.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/5YjkFxz.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
52b4986e888e5a7ad231fd0ec5375f9354d498842fda6049b2b8fa7ff9ba561e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1373737
x-cache
Miss from cloudfront, HIT, HIT
content-length
6125
x-served-by
cache-iad-kiad7000030-IAD, cache-fra-etou8220061-FRA
last-modified
Wed, 02 Sep 2020 02:01:29 GMT
server
cat factory 1.0
x-timer
S1706807239.677718,VS0,VE4
etag
"873f75de6fc952ea9be6096bf6393483"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-G6kcbR0QorBEV9Z6nbbaBpbaYYdzPaEa3p0Qj1mBIKsnCjB8JhzUg==
x-cache-hits
39, 1
Hra3m7d.jpeg
i.imgur.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Hra3m7d.jpeg
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d52acbbbe5422bf228eee6359e7885a9da68a8d90c9288c91edce9dea47c0829
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
age
2409775
x-cache
Miss from cloudfront, HIT, HIT
content-length
5148
x-served-by
cache-iad-kjyo7100110-IAD, cache-fra-etou8220061-FRA
last-modified
Sun, 02 May 2021 12:04:14 GMT
server
cat factory 1.0
x-timer
S1706807239.677716,VS0,VE6
etag
"f571a64ee68cee022e8664ef77bb1eb1"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dgjhpbDztUn-qXggeD2j2E80wbGTpCYW1A1YnoUoP_4G2EWEBACSTQ==
x-cache-hits
40, 1
8831.png
2img.net/h/www.aht.li/2827805/ 		659 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/h/www.aht.li/2827805/8831.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b4d0862de01f2c47e32b88fd209c7e989cf6917fa007cec6c07227a0cf872d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
659
x-xss-protection
1; mode=block
last-modified
Fri, 12 Feb 2016 03:32:18 GMT
server
cloudflare
etag
"272162223"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDGY9XvN8PcXWp6ua2rQOb5gAGiTX2VsERoQABhrROFmrUMY93RzKDbyy5%2FGQs%2BQOGTVK%2FyxEMmbfgCbf6kBfbHIXfVE%2F1t4YoJRkHy2hbrP5V6N%2BW3Md%2BY9Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84ebca37cb4960c3-MAD
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
nonew210.png
i.servimg.com/u/f79/20/35/30/34/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/nonew210.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03263e66b01c8d19c410de3be4e37f5fb6a2f4ecabc15682136134c3ac4163b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
38207
x-xss-protection
1; mode=block
last-modified
Sun, 25 Jul 2021 15:14:02 GMT
server
cloudflare
etag
"60fd7fba-953f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhgPadQM9LsLt2Cv5gQn0sh3jsojxB%2B70Bt6w2aroF8l%2BO8ugUriocyXfeP3pCE%2B5hxP6Wnc4crzic4k0xO0pKujAzExIrNH7MjyXruEzY2G5p6W9dXJhqp2zOqsr5w7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca39aea074e0-MAD
expires
Wed, 29 Jan 2025 15:48:23 GMT
monomer.js
cdn.jsdelivr.net/gh/caezd/switcheroo@master/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/caezd/switcheroo@master/monomer.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01612dc8ccf5c04c11ca1d920398c6dfd70a8895e3e429aa0ee9df542119ff79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29087
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230049-FRA, cache-lga21956-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"7174-TI13tHtwe+ecTzoB+WHDA6ZdKiA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIqqKSpTV6D3%2BoRo1vKTC5%2FObmw7VMxL%2BCnIAXNOh9Zz5lKemLmxiuJLi84y2mocCx%2Bdeonltgc3hoBs0cZuqGIEFaxh%2FDsM93W%2FLP%2BCisZLAPpUyNerok%2F%2F4MYzk%2F4PjUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
84ebca377f9503f6-LIS
switcheroo.js
cdn.jsdelivr.net/gh/caezd/switcheroo@master/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/caezd/switcheroo@master/switcheroo.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddac5c645760257ca729f54d1adfb2e274f70678e1d60d582a9b9b11bc1358a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220030-FRA, cache-lga21967-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"454c-pe4tkPHL9eLRnfHOspJ1cZfOJFw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwTdcogvM8%2B3usPgVVmwuUc9ucGlXF7jtf0wEu3Nf57lTHX%2Bd7ToW8NQQ9CSJEHPcWcFViWgte06tg74FcEY01qyj2FyhXe6aFhID%2Fc2%2BmJKzLrhfyPNutI1b00CWevDvjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
84ebca37bfd703f6-LIS
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZSSLCPJ9BZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144388882-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f566a8ac28194750e2c5cd5a89af8ff420be2d86706923fd3a7fb1e816e831de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81983
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 17:07:18 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144388882-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 15:30:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5795
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 01 Feb 2024 17:30:43 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-fr/ 		347 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
772d6b32d0fb6d5a0e8942b49bd73d08527185999bcf6a797d6c318d333c36fb

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
tglJggtkQQeJ6ld1HR63FzkHx3z9h42k
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:19 GMT
x-amz-request-id
6HXQGQXQQ6WBMYD3
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
20
x-amz-replication-status
FAILED
content-length
52811
x-amz-id-2
tqYL5VqIz4XP+wjOUFsW1LU6a9iZOXCRUj52F/tWtv3d9Je+b2dZjT0XY+Ms4IUzx6wBMbCRmHs=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 17:07:18 UTC
server
nginx
x-timer
S1706807239.754497,VS0,VE415
etag
"2b331cf3e911e5b21c6ee8153ad0510290233989"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
24
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 15:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4341
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 01 Feb 2024 17:54:57 GMT
dx
www.op-seken.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.op-seken.com/dx?a=35739
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e959b472d2f44e695b51b3fa649319f1e89b321244cf722359e974c6e4dbcddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Feb 2024 00:00:00 GMT
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000
x-xss-protection
1
expires
Fri, 31 Jan 2025 17:07:18 GMT
webpush_register.php
www.op-seken.com/ajax/ 		25 B
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.op-seken.com/ajax/webpush_register.php
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.165.2.137 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.op-seken.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 01 Feb 2024 17:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1
content-type
text/html
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZSSLCPJ9BZ&gtm=45je41v0v9119535023&_p=1706807238318&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1911416362.1706807239&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1706807238&sct=1&seg=0&dl=https%3A%2F%2Fwww.op-seken.com%2F&dt=Forum%20R%C3%B4le%20Play%20%3A%20One%20Piece%20Seken&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1416
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZSSLCPJ9BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.op-seken.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=149&profileId=206&cb=84240383909
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.op-seken.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.op-seken.com
date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 26 Jan 2025 17:07:18 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 26 Jan 2025 17:07:18 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
1b4b01f99e97e24f99454899af89ca970fa7183e9d77ed2d87c1f6ef9779be0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140915
x-xss-protection
0
server
cafe
etag
15204418704622007500
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:18 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/ Frame ED44 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

age
4325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 15:55:14 GMT
etag
3890843268177463596
expires
Thu, 15 Feb 2024 15:55:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
paroge10.png
i.servimg.com/u/f79/20/35/30/34/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/paroge10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/10-ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9458f9c1086061c0be6dad8c46673c548b9324cee81313ae6d48bf7fb0afde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
77994
x-xss-protection
1; mode=block
last-modified
Fri, 23 Jul 2021 16:47:58 GMT
server
cloudflare
etag
"60faf2be-130aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ51bVmzMG7drDcVWAjsSGor6QDvmVoG%2B%2Bx1tnZB3aG1G698J5exYwMaU7ikO%2FhcDn0Cie9e6u%2FK3RA4D4g61bTVF9HM9qIvobCUeU677sONvT4aF6oHA97K7q2KUvJX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b2e1e2fa1-MAD
expires
Thu, 30 Jan 2025 08:23:10 GMT
sprite_icons.png
2img.net/i/fa/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/sprite_icons.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/10-ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5668212
alt-svc
h3=":443"; ma=86400
content-length
1459
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 11:01:49 GMT
server
cloudflare
etag
"5739a89d-5b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvPR8F6qGLf4tUZrfRvNImv6eSKFR3aGAtOX6sbxpFF6P3bH7jSleXICVPLLVvBvGUF4zt9nZKdo1ZUvHEqt0rex4P0GP7gUutzj2653hRmrIkrOAM5EPhDk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
84ebca3b2b7e2165-MAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
uuh7.png
www.zupimages.net/up/21/29/
Redirect Chain
  • https://zupimages.net/up/21/29/uuh7.png
  • https://www.zupimages.net/up/21/29/uuh7.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/21/29/uuh7.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/10-ltr.css
Protocol
H2
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18d3163a9ee9bcf0c87874656955359f33ac9c063529ce985c94ca0b5569d12
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DGI%2BsTbZbmsx0a%2FwFxjFHTQbIwqIh%2FfUUjGKXXBN%2BeJct7Fjyl2k5%2FoN%2B2PR7KLN4rsPvoObnBNRahO5i56GSIknN59H8yV7k1KmQuR82m8GYk%2FiyX9G73%2F%2B%2Bunyt%2BadEeYUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="uuh7.png"
cf-ray
84ebca3ba9e903fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 01 Feb 2024 17:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFqZauIQuBu2GX%2F5kGaaTagdJj6dKvi12JOYoeXKR%2B4y%2FjKOUha5fYdCWrgN1wVYrADlkrCVJKcsfaMqLc2ENVMC1igCR3tn4ZvfziJpv0f1BAeKREfhlsamtrP%2Bdnqg"}],"group":"cf-nel","max_age":604800}
location
https://www.zupimages.net/up/21/29/uuh7.png
cache-control
max-age=3600
cf-ray
84ebca3b291e03fe-MAD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 18:07:18 GMT
31ji.png
www.zupimages.net/up/21/29/
Redirect Chain
  • https://zupimages.net/up/21/29/31ji.png
  • https://www.zupimages.net/up/21/29/31ji.png
103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/21/29/31ji.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/10-ltr.css
Protocol
H2
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a989309829d1470db73f94c211aae9524089e971703dec21cf7cefcb975f86
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnzxuxP92xkoF%2FfSyNIF2Q%2BFboJMa%2FpHwV8u%2FGfA9bEy2D8ESMZMKmrm5WXsbJXHCD0y54ME0B0ERB%2Bv2wgi%2Bh1fCSRekKR9Y1aa5JcbdhPqVgGoBRh3qL5UhdUlk5uePVqitw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="31ji.png"
cf-ray
84ebca3ba9ec03fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 01 Feb 2024 17:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZkHlZ3NjjT5cm9UoM1i3NXHENP9zGpEmJX%2FyMNtyCuT26jA%2FWBeEymxgZkYpM3ixH5xCdBkm39jm6A0ywrj%2B76scGxEb7yk3aTT6zVtvwBwzRpjqaVFWfon4z0nbk5D"}],"group":"cf-nel","max_age":604800}
location
https://www.zupimages.net/up/21/29/31ji.png
cache-control
max-age=3600
cf-ray
84ebca3b291f03fe-MAD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 18:07:18 GMT
reglem10.png
i.servimg.com/u/f79/20/35/30/34/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/reglem10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0a986946ba89ec13dda7ae6f315881f0b3847e9a3eaec2dbccedb52d29cee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
83788
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 00:20:15 GMT
server
cloudflare
etag
"60eb8abf-1474c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpVqkNo8%2FslpnvP4waQR53bELh4cJubHodauxLhcV7DUG6UgSZdHWdO5ABdJGU%2FXmq%2FzabE6xfn53bvZKctyLCIQ3l8mkPDjRoVyScBYFkw0X%2B7ShfVbe8Ty8PORSh3T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e6b2fa1-MAD
expires
Fri, 31 Jan 2025 09:48:47 GMT
vieduf11.png
i.servimg.com/u/f79/20/35/30/34/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/vieduf11.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3857ce7db410cfeda3c7fbb6aebf30d5465f43096f2e038ce878b2b238e92159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
80019
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:24:56 GMT
server
cloudflare
etag
"60eba7f8-13893"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1rYUXFyVvS6xc4lZR6xTp06dfIm5vDRWM1P9BLsApVt8tJ6uwam23aohQshQSNRAanhuMZhOLC7y6SRBAXx%2B9HWBo6STIkJ0GdAEl8Cd9QRTKB4NfYrxF%2BSgAy3IJOM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e6d2fa1-MAD
expires
Wed, 29 Jan 2025 17:56:09 GMT
person10.png
i.servimg.com/u/f79/20/35/30/34/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/person10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efc5fed19f324b6ca6a4b417261fe7fdb2defe072f3ddd3310749233e27da7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
84876
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:16:18 GMT
server
cloudflare
etag
"60eba5f2-14b8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKU8cV7eZYJnvHeQ8D3QXJ%2F2zCFEGixe2pOuCmeqVjOxzI20q7jobtOkRQr%2FVjPY%2B297CThsGIQrDp928%2FcIlCYeg29hR8XTA0mt7k8ZKLSaGCS%2B1kq%2B%2FlOOFWIaDxKV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e722fa1-MAD
expires
Fri, 31 Jan 2025 09:48:47 GMT
gestio10.png
i.servimg.com/u/f79/20/35/30/34/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/gestio10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94612a724fdd4d0ee8515592f919ea1a59b98c80ff0e2ba20ac4ec09261d346c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
72400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:16:18 GMT
server
cloudflare
etag
"60eba5f2-11ad0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNPpuh4gvbTPVBp1XAG35iEmv5y4G1D4oGkBiucMM34cdLmJGWrZbHb2FojSWD8OTiKGaSvUiAwHbRlKHiion4DxuoYXDRFqHv4hvc0OLlKlyvvtaMSdiOkztJdTYcgy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e742fa1-MAD
expires
Wed, 29 Jan 2025 17:57:18 GMT
denden10.png
i.servimg.com/u/f79/20/35/30/34/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/denden10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18da20645314d15a60fbcc38b2b01c944e9deaec5365364aa0136837d923c81f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
85128
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 18:05:41 GMT
server
cloudflare
etag
"60f5bef5-14c88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X%2FlMD6QPAK8kgtQWrKSbxq4qu8nSBHYiQlrAXK8XHR%2BXih2ZquPaq59uD4hoVBbhdiik2K21docEXLNYM%2FIF0BCF4qJUurGsTa6roW7TOTPeUaPQugy6n3swrwK9bTw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e762fa1-MAD
expires
Wed, 29 Jan 2025 17:57:18 GMT
enmer10.png
i.servimg.com/u/f79/20/35/30/34/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/enmer10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43fbd73a7f6a097750b1c13702b908932ec5bfb60a49ed4c9d1479785f8901a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
79677
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:55:29 GMT
server
cloudflare
etag
"60ebaf21-1373d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12kdHFDTNV1U922yIyW%2F6Dav4VDT8DqSgzQnyA%2BQox12EEYCpv7%2F%2B5E%2FAFsLSZa5ohaJqlmp55w3slIR1Q0yrHg%2B5%2FaZetEQ3eFjzKQ9bwDPJMQ7D%2B1ZW9Z6v6IPg7yp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e782fa1-MAD
expires
Thu, 30 Jan 2025 08:23:10 GMT
seablu10.png
i.servimg.com/u/f79/20/35/30/34/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/seablu10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e328b05ec4c18201f63c6131e52d2f01f7cc9e946af3406ff00ad10e26d2f8ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
79553
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 18:05:41 GMT
server
cloudflare
etag
"60f5bef5-136c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj6Y4CjsSwZ1YoZMo2cRV%2BccZxCQgJRsSTqh38l1aL5Mo1u2wvxCyRzzJbtH1BXsBDLe9id3uX48ciBv5p%2B3lwVcbpUhE%2FZH50Pi00fUfxuSuuEbFywxfx3%2BEtKAIhmA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e7b2fa1-MAD
expires
Wed, 29 Jan 2025 17:57:18 GMT
redlin10.png
i.servimg.com/u/f79/20/35/30/34/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/redlin10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9720c8d8c40b3c68ed78efce79054814f4bb609de588f0065465c04f7b0d8329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
65484
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:57:51 GMT
server
cloudflare
etag
"60ebafaf-ffcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzpYT2rfHHEF0vVfAykYw50zj%2FE7d4xL0vf%2B41NnTu52PUs2t2UWQl%2B67rocDx29042myjoeIrHGprhofu9nVaoqKeN3oW4ZCek%2BB5CwgaG%2FHbTx2YEkVHmrCl8vvWAQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e7d2fa1-MAD
expires
Wed, 29 Jan 2025 18:11:51 GMT
grandl10.png
i.servimg.com/u/f79/20/35/30/34/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/grandl10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e310aa73d91ee625c486996091038f7878797edaa00d01526e524866fa0da9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
73795
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:55:28 GMT
server
cloudflare
etag
"60ebaf20-12043"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgyB1n5ZAtIlgEiE1AWh33aSiJ%2BLFar8qkCBTbry2MLAAs4Aqv3sV%2BuYoJsOr7E841ZoHW6YVIN1xp8OXHzMQHM4Nt83fJ56LtVbQlL7FBKbN6rppemznRE6VXJGcQMN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e7e2fa1-MAD
expires
Thu, 23 Jan 2025 18:46:34 GMT
ilesce10.png
i.servimg.com/u/f79/20/35/30/34/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/ilesce10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6e91e30258cc1b262d2f10f308514cbc6ede7ac3f59ffff0208dfa1e05dfe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
76406
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:55:29 GMT
server
cloudflare
etag
"60ebaf21-12a76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nChzi4C47swIsVeNDqQ0485G7017ZsbGuuqmM549MQVm6JOteJXWHsZs%2FP4REWhIQk7edgynZKOag1%2Bdze3d15jSw%2Bc3zCS5g7Fecx6ni9zqTIFqwkkeZ%2FqefjySBmio"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e802fa1-MAD
expires
Fri, 31 Jan 2025 01:00:02 GMT
nouvea10.png
i.servimg.com/u/f79/20/35/30/34/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/nouvea10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38babcd2d2047c15e60b7075d9a9b0d9b522fb7fd4b3bf07a910cd26e010877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
86777
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 17:25:41 GMT
server
cloudflare
etag
"60f5b595-152f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BU1rL2fBvQOh0vdk2orNSWVIAOTb%2BpPIItGuChUBmv5y%2F3HFB4M7YUUNxsGc209iT3lRcDuGXFZ4c921ysLhPh%2Fdyhe91ycGylT3uM3%2Bu4hi7oqWVEJ8KpXpNjX%2BprYv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e812fa1-MAD
expires
Wed, 29 Jan 2025 20:24:00 GMT
sieged10.png
i.servimg.com/u/f79/20/35/30/34/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/sieged10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b025bf90a853800256af4c9a7b81cac009ca2c79f0147f1730759e64b12b646d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
46403
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 17:25:41 GMT
server
cloudflare
etag
"60f5b595-b543"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA6eIVv4lb55B8S8AlUO17F25yVVlF2%2Fc2LjavoVULjwd%2FzUdjCPHqQZkmBQCsCGxaOqTg2Q7HyniU%2BKKY9O7Kpvl4QmrnwqrUSDS%2Fku9Jy0SkYMzei8KhnMKLTuFjVL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e832fa1-MAD
expires
Thu, 30 Jan 2025 08:23:10 GMT
tavern10.png
i.servimg.com/u/f79/20/35/30/34/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/tavern10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdebebf4f450d61bd486e99169a7ce38812de0ceb846359df4554aed81966a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
85818
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:58:42 GMT
server
cloudflare
etag
"60ebafe2-14f3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAacNpbcRaW4f6pwpmxfPO5awKMsGdbbE4obH1KpvE2%2BcdFo4SJkBPlF5S2y5eGDuTyssxw0j%2FGtodnhDzkq%2BFi22gRVheuwzcbE6iGjvaulgreEDPPQhMFp9tXaSDfO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e842fa1-MAD
expires
Fri, 31 Jan 2025 09:48:47 GMT
concou10.png
i.servimg.com/u/f79/20/35/30/34/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/concou10.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
254d98d620dbe39d7c73e2a4de0253736f0edb05f3f89f191d985a81a1eaef0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
78740
x-xss-protection
1; mode=block
last-modified
Mon, 12 Jul 2021 02:58:42 GMT
server
cloudflare
etag
"60ebafe2-13394"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PIbOuabjPyt9xUeE7fFv0L2EC68dhu4TB1xQMSrO0CiQwrpRykPmG9fcuKzr%2F%2FHGbS913s2jG92JIIeLjrsuoPpk%2BoDWCuw4mB%2FNeGz9NAIS4Kp76TFj4E5bXlDpl%2Fy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b4e862fa1-MAD
expires
Fri, 31 Jan 2025 09:48:47 GMT
vglnk.js
cdn.viglink.com/api/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-96.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9fdfd6482e324811325ba1c3ed97b7ab3aee9096c41d7a61143fafd8612a6e6

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 13:27:59 GMT
content-encoding
gzip
via
1.1 7cc8e1a489398403da487298ad363b2a.cloudfront.net (CloudFront)
last-modified
Thu, 01 Feb 2024 11:03:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
13161
etag
"60f26c7e7bc24f162b898c94a0c90b15"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29129
x-amz-cf-id
bGZdCqPFUOTTLDDQdgY_3o1yY1IRMGmuRIs0KFVepfcX8PRwj5Isgg==
edyx.png
www.zupimages.net/up/21/29/
Redirect Chain
  • https://zupimages.net/up/21/29/edyx.png
  • https://www.zupimages.net/up/21/29/edyx.png
744 KB
745 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zupimages.net/up/21/29/edyx.png
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/10-ltr.css
Protocol
H2
Server
104.21.233.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6bae7cf57429e3a4ab1add40064fdc7f999f3bfae45665a9b55f5d7dd36779
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 15:17:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fio3HuYvsfZ1kEFNAJ%2Ftgb2sBO5%2BQvHeDxZoHKc99%2FuuHTiSYWAKVtLdue5rstIDuHouXZCLBpUdA8mEmrO2GQbuakW7LlccXRE3FOuSp28GtTbiyWe61s9Sm8UaPl1vDlbQog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
content-disposition
filename="edyx.png"
cf-ray
84ebca3bba0303fe-MAD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 01 Feb 2024 17:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oi7Qr5iqARlhkhXOWmx2oxISoDXQ2vjySgIwpQ56tjvAlVj4ayXp6vy%2BEqR%2F0hJLr2ayVFlKKXxaU%2F1EMJ9poun7cDkdvACcdJCjmDPLONhepTtuKe1%2Fox4bU5uQ4H1K"}],"group":"cf-nel","max_age":604800}
location
https://www.zupimages.net/up/21/29/edyx.png
cache-control
max-age=3600
cf-ray
84ebca3b495f03fe-MAD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 18:07:18 GMT
connect.js
connect.topicit.net/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.topicit.net/scripts/connect.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4619
cf-polished
origSize=5437
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 27 Aug 2019 14:04:48 GMT
server
cloudflare
etag
W/"5d653880-153d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEtgnBK5sHSWLe97F0sgX4wJH32t%2FDcRwXgwUVMcY%2FK0oPq44yICOYbsjT8jFAwPBH9U5YTo4Mc7TBDfpPI9VAMOXRfYjaZ1ouRaflKTRzu3OUwJHHe3jxWHKWosghzVryW3%2FJXG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
84ebca3c5f08218f-MAD
logo0511.jpg
i.servimg.com/u/f79/20/35/30/34/ 		418 KB
418 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f79/20/35/30/34/logo0511.jpg
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4d89d204d7d07b2a47482a88650e650dae5324aab5174fcde0543dd99c56d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
427619
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jul 2021 02:59:02 GMT
server
cloudflare
etag
"60e7bb76-68663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiCkRfG7KdQDyehrPZICVyvapuzdOXv8cQH%2FtTCNCeXkGGI91YN5W1BXj6CeSXo7WN%2BwU5HXLlTi3L6JeYk9fq7UG7T0Gx7VqEwr0gIyy3W6kM7evfse40mJ1qVIQR5L"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84ebca3b9f0a2fa1-MAD
expires
Fri, 31 Jan 2025 01:00:08 GMT
syncframe
gum.criteo.com/ Frame F28F 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.op-seken.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:18 GMT
server
Kestrel
server-processing-duration-in-ticks
431702
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=852493385&t=pageview&_s=1&dl=https%3A%2F%2Fwww.op-seken.com%2F&ul=en-us&de=UTF-8&dt=Forum%20R%C3%B4le%20Play%20%3A%20One%20Piece%20Seken&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=193097464&gjid=2025755779&cid=1911416362.1706807239&tid=UA-144388882-1&_gid=1178716399.1706807239&_r=1&gtm=457e41v0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=2038938392
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.op-seken.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.op-seken.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1707258513&utmhn=www.op-seken.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=For...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64836955-1&cid=1911416362.1706807239&jid=3961708&_v=5.7.2&z=1707258513
35 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64836955-1&cid=1911416362.1706807239&jid=3961708&_v=5.7.2&z=1707258513
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Server
173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 01 Feb 2024 17:07:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:19 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64836955-1&cid=1911416362.1706807239&jid=3961708&_v=5.7.2&z=1707258513
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame F371 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
3334e89f8943974d08d81111301ebef704f8ab80fae99b8259268dd9ae22181b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29544
x-xss-protection
0
server
cafe
etag
720 / 19754 / m202401290101 / config-hash: 10746953351813898889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:19 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 5DEE 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
52624e8315b890b41cdf5c43f742894cbd1fa0eaaf18d2fe2e7d27fb3ff69f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29546
x-xss-protection
0
server
cafe
etag
342 / 19754 / 31080792 / config-hash: 10746953351813898889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:19 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame C407 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
34d632477a31afce9ad42cf6e28ae23e38c64d106e320f3b3b57aea7ea3f3bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29544
x-xss-protection
0
server
cafe
etag
945 / 19754 / m202401290101 / config-hash: 10746953351813898889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:19 GMT
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.op-seken.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.op-seken.com
date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ads
googleads.g.doubleclick.net/pagead/ Frame 5D50 		207 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0339214227387817&output=html&adk=928853944&adf=4192467092&lmt=1706807237&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_r&format=0x0&url=https%3A%2F%2Fwww.op-seken.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706807238724&bpp=2&bdt=782&idt=299&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2329174294865&frm=20&pv=2&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=852493385&ga_fc=1&u_tz=-60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C95321963%2C95321867%2C95323004&oid=2&pvsid=1845510207498919&tmod=1937710348&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9f6697e701aea7e2d09b36dfda424211cb0cb3e2fa8e7d4d8a8170ba61db920f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
57041
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:19 GMT
expires
Thu, 01 Feb 2024 17:07:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=switcheroo&cls=switcheroo&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=navig&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.min.js
comparisons.sovrn.com/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comparisons.sovrn.com/js/loader.min.js
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-7.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
_N7Ldl34Z.PdZpMcZXLC7DYN2lTVj6Bm
date
Thu, 01 Feb 2024 02:45:21 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 08:56:04 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
53074
x-amz-server-side-encryption
AES256
etag
W/"977ae67d2ae005447e6e3ab0b242cab2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3396
x-amz-cf-id
51vzaG2hwK_nksgsZzmjGy8Yjkxi694BYQcbYfk0PfppALaa6UvRcw==
json
gum.criteo.com/sid/ Frame F28F 		428 B
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=op-seken.com&sn=ChromeSyncframe&so=0&topUrl=www.op-seken.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.op-seken.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2158bfb3ea9d982822471e8de3aebb825078e10a712ab289568194aa7102f6fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.op-seken.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1537160
expires
0
impl.20240201-1-RELEASE.js
cdn.taboola.com/libtrc/ 		846 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1704ca0c65c4e7b42faba6dca3571311871df9f07e47e7af17549ac5eb4cc7d7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
Xcq_MESymHbBadi9O9ZUY4zxAdCpnXsj
content-encoding
br
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:19 GMT
x-amz-request-id
DFGXYVXECN1NAYRJ
age
24468
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
179097
x-amz-id-2
tTm3plI45U6N9ihqPrD2Kirzx0UF9wt6lsRLcFnqu3Ek+NrfMKc1i/B1ueJVaY2NGHHfAIHUktw=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 10:19:30 GMT
server
AmazonS3-br
x-timer
S1706807239.328535,VS0,VE0
etag
"8dd41aefc56db0ebc8af2c2a6d163f75"
vary
Accept-Encoding
content-type
application/javascript
abp
42
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
32934
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ Frame C407 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
15191
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139485
x-xss-protection
0
server
cafe
etag
9760076492862216199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 31 Jan 2025 12:54:08 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ Frame F371 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
15191
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139485
x-xss-protection
0
server
cafe
etag
9760076492862216199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 31 Jan 2025 12:54:08 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/ Frame 5DEE 		435 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 11:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
21310
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139509
x-xss-protection
0
server
cafe
etag
15006055029041311047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 31 Jan 2025 11:12:09 GMT
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0a80d0974f5d9bcdadd06193a1892fd4f8021cd7b7019e3a6fe93894614c84b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1437619
expires
60
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3cf26f8899f1edaa18fe0155e62d11f537bdcef1ad19ac513cfa875d0709286
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57039
x-xss-protection
0
server
cafe
etag
5583018382976313239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7149 		850 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0339214227387817&output=html&h=600&adk=2895525296&adf=2239707850&pi=t.aa~a.3018774289~i.4~rp.1&w=210&fwrn=4&fwrnh=100&lmt=1706807237&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1777309155&ad_type=text_image&format=210x600&url=https%3A%2F%2Fwww.op-seken.com%2F&fwr=0&pra=3&rh=175&rw=210&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706807239690&bpp=1&bdt=1748&idt=-M&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2329174294865&frm=20&pv=1&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=852493385&ga_fc=1&u_tz=-60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=1218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C95321963%2C95321867%2C95323004&oid=2&pvsid=1845510207498919&tmod=1937710348&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f3eea5ae42d8acc9c6ae23c409a9221db1a6696653e3459af55920c957a2a3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
409
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Thu, 01 Feb 2024 17:07:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 61D2 		850 B
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0339214227387817&output=html&h=240&adk=3486857928&adf=1692668228&pi=t.aa~a.4150590487~i.3~rp.1&w=275&fwrn=4&fwrnh=100&lmt=1706807237&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1777309155&ad_type=text_image&format=275x240&url=https%3A%2F%2Fwww.op-seken.com%2F&fwr=0&pra=3&rh=246&rw=295&rpe=1&resp_fmts=4&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706807239690&bpp=1&bdt=1748&idt=1&shv=r20240129&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C210x600&nras=3&correlator=2329174294865&frm=20&pv=1&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=852493385&ga_fc=1&u_tz=-60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=715&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C95321963%2C95321867%2C95323004&oid=2&pvsid=1845510207498919&tmod=1937710348&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cbe55cf03cc55135ee2553ae6f679c83221df1a44e9c4a026b5e0190dca98791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:19 GMT
expires
Thu, 01 Feb 2024 17:07:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C407 		31 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=308512939852761&correlator=3547166803370092&eid=31079956%2C95323523&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fif&iu_parts=2867722%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=6&sc=1&cookie_enabled=1&abxe=1&dt=1706807239857&lmt=1706807239&adxs=832&adys=2758&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=j7c4w5ffv2h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.op-seken.com%2F&top=www.op-seken.com&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=835863948&ga_fc=true&dlt=1706807239012&idt=826&prev_scp=page_domain%3Dop-seken.com&adks=1665214448&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
537881bf102d49cdf7b70112fa599498cc88a30151f9c15f2a03e7b96c57260a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13395
x-xss-protection
0
google-lineitem-id
4001082
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138213224857
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.op-seken.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E261 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Fri, 31 Jan 2025 17:07:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5DEE 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3325261105681921&correlator=3610304501683485&eid=44809527%2C95323524%2C31080792&output=ldjh&gdfp_req=1&vrg=202401290201&ptt=17&impl=fif&iu_parts=2867722%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=6&sc=1&cookie_enabled=1&abxe=1&dt=1706807239888&lmt=1706807239&adxs=468&adys=2758&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=ddr429bxx5p8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.op-seken.com%2F&top=www.op-seken.com&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=1765969967&ga_fc=true&dlt=1706807239008&idt=863&prev_scp=page_domain%3Dop-seken.com&adks=1665214448&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3bf48ce656a37c462dca0e93a448a9b6de85c5980a094ecf5d6c78c25e822aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13393
x-xss-protection
0
google-lineitem-id
4001082
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138213224857
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.op-seken.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Fri, 31 Jan 2025 17:07:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F371 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1918573965498456&correlator=2773943135299147&eid=31079956%2C31080783&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fif&iu_parts=2867722%2C728x90-top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=6&sc=1&cookie_enabled=1&abxe=1&dt=1706807239904&lmt=1706807239&adxs=436&adys=723&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=7iglb3iyxaqr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.op-seken.com%2F&top=www.op-seken.com&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ga_vid=1911416362.1706807239&ga_sid=1706807239&ga_hid=679015717&ga_fc=true&dlt=1706807238994&idt=903&prev_scp=page_domain%3Dop-seken.com&adks=1135666128&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
155330b787cf594776e3a108d9172ff9a579370b8b386242dcb35a30b18dc3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12882
x-xss-protection
0
google-lineitem-id
4162722
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397168770
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.op-seken.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9046 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Fri, 31 Jan 2025 17:07:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/ Frame 60AC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

age
64073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 23:19:26 GMT
etag
3890843268177463596
expires
Wed, 14 Feb 2024 23:19:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 60AC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 16:11:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Feb 2024 17:07:20 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60AC 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:51:20 GMT
x-content-type-options
nosniff
age
166560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Jan 2025 18:51:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60AC 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:11:27 GMT
x-content-type-options
nosniff
age
165353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Jan 2025 19:11:27 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/elements/html/ Frame 60AC 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
cafe /
Resource Hash
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 18:52:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
80078
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
14359709190881042667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 18:52:42 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/elements/html/ Frame 60AC 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
cafe /
Resource Hash
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
79469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9451
x-xss-protection
0
server
cafe
etag
11136001603933606047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 19:02:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C407 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
98c86408edc4e06886d20529bdf1b11e6d495400327d3a5d2919ce4814497657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12223
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DEE 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
abbba1651a849097efbed11068de0c74f2eafbdce07de39720f198d7572b6138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12378
x-xss-protection
0
container.html
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Fri, 31 Jan 2025 17:07:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F371 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
13de4d229b913002c98724062700774cc4ffd88c4a41b1f6f3d9a2a56d09134e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12202
x-xss-protection
0
css
fonts.googleapis.com/ Frame 9A72 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
e913a8990c885bd71ef289a424530af23b9aa3e431085874a2ed8681d93f95b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 15:12:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Feb 2024 17:07:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 9A72 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 18:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
80290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 18:49:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/ Frame 9A72 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 11:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:00:41 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AEE5 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

age
1740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 16:38:20 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 9A72 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
4235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 15:56:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/ Frame 9A72 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 18:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
79992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Feb 2024 18:54:08 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9A72 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:20 GMT
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 9A72 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 Apr 2024 18:53:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 50E3 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
URL: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
166336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:55:04 GMT
11662.js
ads.rubiconproject.com/ad/ Frame 50E3 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/11662.js
Requested by
Host: 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
URL: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by
PHP/7.2.24
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=4196
access-control-allow-credentials
true
content-length
8916
expires
Thu, 01 Feb 2024 18:17:16 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 50E3 		205 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
URL: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 16:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
1332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63264
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:45:08 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AEE5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Thu, 01 Feb 2024 17:07:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 50E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_DQokQnkIH7LKoTWGUdy3MpXpSe2ffFjJ7-HfnFULSPHszL4uSUL7Fw-eCAB3d_L31IjHptWp_MCOv_ZFpwAo0OieebALM3zc5FnNgETSHBF0AGMFFBmDxxOPUyXi_B7D0M98eDkTa-eD3DRvWpomLa4-RXuUveLD3n10uH6M0XkHn4oh94blx-nffn48fYu7R7Zn85vmriY3Ef1Oov5MBbk5PjPHH4nkIM1e-LibTPeoqV2DES68jDlN1dSnYrLv8ShyJ9n_-Z83rTaYqubJJCEYfGH-5EF7iyOvo0n0skakYkcxlmZOs9jsEPnyTQhSlXnpWHDrDya2qzqMp4FFIwLtgJ4gE4s0C9Qf279NyCw&sai=AMfl-YQ_cSziJQa8AjHW7ODBgwwewkmvWGeHEmmcsm8reTEozgas-Co4EPDAkyEHM-dq2fejxhIbRbieNBx7k95Faks8S-0c-4cqZ0FIAk7HGgSLObpLUDnpgpxL6GWrgoY&sig=Cg0ArKJSzCQw6k-vS3lFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
URL: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DEE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:07:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F371 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:07:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C407 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:07:20 GMT
container.html
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D40D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Fri, 31 Jan 2025 17:07:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
151168-15.js
smarttag.rubiconproject.com/a/11662/36432/ Frame 50E3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.15064347111595588&tk_st=1&rf=https%3A//www.op-seken.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3eb388f6f9e3c070b752a3594cf732d01dcde1ca8f8bedcd0e7bd7397b24ecbe

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
container.html
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF26 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Fri, 31 Jan 2025 17:07:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D353 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
2401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 16:27:19 GMT
expires
Fri, 31 Jan 2025 16:27:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4A05 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
fe7b2420730266b912eff1cbf5220addf984dda788ace02cbc7e907217cb0bd2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kqKR9zNOUwhnb42tCNfIaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kqKR9zNOUwhnb42tCNfIaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Thu, 01 Feb 2024 17:07:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48C7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
2401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 16:27:19 GMT
expires
Fri, 31 Jan 2025 16:27:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B56A 		829 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
4eff61e552e3fac24e8635a2619af9838dd3140f405343917e4e160eed023094
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M87teymFBKoyWgJy0g0L3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-M87teymFBKoyWgJy0g0L3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Thu, 01 Feb 2024 17:07:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60A2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
2401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 16:27:19 GMT
expires
Fri, 31 Jan 2025 16:27:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 708B 		829 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
add844aa7c7d190d8068311aff59f669e78b1574899348320d18c52410e1aa88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p2DyK_oRtVHBpRbFp9LWhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-p2DyK_oRtVHBpRbFp9LWhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:20 GMT
expires
Thu, 01 Feb 2024 17:07:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D40D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
URL: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
166336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:55:04 GMT
11662.js
ads.rubiconproject.com/ad/ Frame D40D 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/11662.js
Requested by
Host: 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
URL: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by
PHP/7.2.24
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=4196
access-control-allow-credentials
true
content-length
8916
expires
Thu, 01 Feb 2024 18:17:16 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D40D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
URL: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CF26 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
URL: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
166336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:55:04 GMT
11662.js
ads.rubiconproject.com/ad/ Frame CF26 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/11662.js
Requested by
Host: a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
URL: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by
PHP/7.2.24
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=4196
access-control-allow-credentials
true
content-length
8916
expires
Thu, 01 Feb 2024 18:17:16 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CF26 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
URL: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 17:07:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4A05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290201&jk=3325261105681921&rc=
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame D353 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
4235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Jan 2025 15:56:45 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 48C7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
4235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Jan 2025 15:56:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B56A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290101&jk=1918573965498456&rc=
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame D40D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVmmsmhDdfBQqm5KcIqGDlGxaDFMHmuX7NqtKGSdSlTU7yihqG-4rFtK625tjf1oa-Uxd9MUoD4mR3Epzu8ztvNiiWOG6pmFC2AL8aww7aC34R1ocn6wK3j7bEmJGRs33Iki8KuhP1oXBkX8mB3foHG2RSIUT-b1mbu_AKZfkSu4ei1c-m5SZaht22N5jS8u-WwEASKJgVN5hUvwKKOIeG_2Wn0cnBhH2xB0xFMXfnuB5o2Dogfc9YlMIHVQ_kloWtIhrhjUzOIt9SPVqGxzDNfpHgdfHjuGSrXEEWZGBijkddhUTbQ0nakvo4k2SN6X9QU4YXjypSy3GRQrPNR3KczhfZzH-lA3W59utr0cfDLQ&sai=AMfl-YQVgZR5HL6RboxL83scmWtjf3mieVF0dRWSPjVtKYvXVk5013eygGhUw0dcQAIOgtZoHEhiVznFtpB2i7eRExQJZ85AdbA1u78XLTa-KHXMeQjSUuJa18gwV6giJQQ&sig=Cg0ArKJSzPYZSd8GmukuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
URL: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 60A2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
4235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Jan 2025 15:56:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 708B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290101&jk=308512939852761&rc=
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
151250-2.js
smarttag.rubiconproject.com/a/11662/36492/ Frame D40D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/11662/36492/151250-2.js?&cb=0.7029013626674907&tk_st=1&rf=https%3A//www.op-seken.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=36492_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7359ce19d5d8538d1fb1c91c7f579af97d4b7064e3be3b049d91913191c735a9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
pagead2.googlesyndication.com/bg/ Frame 4ACC 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:53:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
231246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19599
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 00:53:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CF26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZHyd6Ub1cBjoAG2ejLCp3TcnrEMuKooLCfusb2c_TX7UOI7qdUJy9iIVxJK7UeiX9A801StPzEF9cfDKWLM2IythCk5Cxqr8WUgGDaOBSd8jN_8BW2dOy1sfYB1GvdoaSMRW53hUz3ppNqLR5SMULNGafavrHhGJFj6nAIZR0LJbqtbOwjWdLruNTPDwF7ri7SuB1f4NBh5eN0vfJvwxtHZKLVoTn6ktBfq8_439_q6KN9yAfkGt5TY6cnHO6YqlHEpfkjnWCPz1HtoEojS3gcTsWlKSEYptq0-L4XmPCT8x5gk9LlMexcS0MKvi9APjtCjItuP1QhE8sohdf0ezQ3NlWcNmUYB2psf1f73pG0gA&sai=AMfl-YRigxx-snEIjWx-LnT8YrKk1l-o3JB8HlaTwCaLC5gsWkBCXn9vEBWx66CFCqt72HA-IqjGRDFa7tVzmsV9MbY-j0F5Ul1hC5E8-ZSnHnJF-5Slv-HKZJgmf870yFE&sig=Cg0ArKJSzDf8ymIZV9QNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
URL: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
151168-15.js
smarttag.rubiconproject.com/a/11662/36432/ Frame CF26 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.40503381493718904&tk_st=1&rf=https%3A//www.op-seken.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11662.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c95b04709c6b226d82020a86c0c6387f31c182c94de9b9391dd1ebcde1caf846

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
generate_204
tpc.googlesyndication.com/ Frame D353 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0iv4YA
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 48C7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?upsPlg
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 60A2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WARS6w
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usync.html
eus.rubiconproject.com/ Frame 93D4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36492/151250-2.js?&cb=0.7029013626674907&tk_st=1&rf=https%3A//www.op-seken.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=36492_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Feb 2024 17:07:21 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
6f38effe-b3d2-4de5-965c-740118bfd07f
beacon-ams3.rubiconproject.com/beacon/d/ Frame D40D 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/6f38effe-b3d2-4de5-965c-740118bfd07f?oo=0&accountId=11662&siteId=36492&zoneId=151250&sizeId=2&e=6A1E40E384DA563B051DF73FC9D7715A8AC1469EBD222888377C3C0A904745ABD16DCB896B7AB6244084738B6079B1112A9D87F51C581AC82C497F913C1D5F811F743F035A069503B62E63A5EB7740528CC44FA8DD080E13055829405144145A429DC2D5C97B39B001B161855D5543C4ADD84CD4C36B4A0E6AA81EE0ABBF880B
Requested by
Host: 66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
URL: https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.57 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:20 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-fr-2/ Frame 50E3 		191 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr-2/loader.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cfc10bf4bc59d1e6f154a4aabcb5191e096b20bcea34729a3d586bf54c9b81d9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
5cGBqvLgKS1giYgWbfi64jHXnwimiCqv
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:20 GMT
x-amz-request-id
82TQC36SMBA1GN47
age
1733
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
22
x-amz-replication-status
FAILED
content-length
47959
x-amz-id-2
u7Mj4vp8tc6nJHLXw5aDDiRJn12k+sa+HvFzFKyTKwIZ7GlMAdWrO/TCWJeGZ6xiFlRQTGsTpCI=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 16:26:49 UTC
server
nginx
x-timer
S1706807241.966566,VS0,VE1
etag
"cfffcd724f68988a645f22634a309509e21a87ce"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
24
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
usync.html
eus.rubiconproject.com/ Frame 2650 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.15064347111595588&tk_st=1&rf=https%3A//www.op-seken.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Feb 2024 17:07:21 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
660f3c6f-b0aa-4581-88d2-0d30b0c082d5
beacon-ams3.rubiconproject.com/beacon/d/ Frame 50E3 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/660f3c6f-b0aa-4581-88d2-0d30b0c082d5?oo=0&accountId=11662&siteId=36432&zoneId=151168&sizeId=15&e=6A1E40E384DA563BE6D408D36EB30EB734A7E802998795B0CB20B381664E942BB7CFB35B816163706EEF589DC8518115197C4E3B90446B8975ACAEBC1BB48E8E58CE56DCBC5A5ADFC904CA322242C1A68908FCB4AE3E8E8238476BE1C72102DB5D477444295ED1F38922E481713F96EA9B5DE5C4E039B1223B22BBF4B8D91D8E
Requested by
Host: 2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
URL: https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.57 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:20 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-fr-2/ Frame CF26 		191 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-fr-2/loader.js
Requested by
Host: www.op-seken.com
URL: https://www.op-seken.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cfc10bf4bc59d1e6f154a4aabcb5191e096b20bcea34729a3d586bf54c9b81d9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
5cGBqvLgKS1giYgWbfi64jHXnwimiCqv
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:20 GMT
x-amz-request-id
82TQC36SMBA1GN47
age
1733
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
22
x-amz-replication-status
FAILED
content-length
47959
x-amz-id-2
u7Mj4vp8tc6nJHLXw5aDDiRJn12k+sa+HvFzFKyTKwIZ7GlMAdWrO/TCWJeGZ6xiFlRQTGsTpCI=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 16:26:49 UTC
server
nginx
x-timer
S1706807241.967813,VS0,VE0
etag
"cfffcd724f68988a645f22634a309509e21a87ce"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
24
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
usync.html
eus.rubiconproject.com/ Frame BA8B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/11662/36432/151168-15.js?&cb=0.40503381493718904&tk_st=1&rf=https%3A//www.op-seken.com/&rp_s=c&p_screen_res=1600x1200&ad_slot=36432_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Feb 2024 17:07:21 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cbe841ef-759f-49e0-8f74-3fbe3cdee210
beacon-ams3.rubiconproject.com/beacon/d/ Frame CF26 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/cbe841ef-759f-49e0-8f74-3fbe3cdee210?oo=0&accountId=11662&siteId=36432&zoneId=151168&sizeId=15&e=6A1E40E384DA563B40B7991FD4CFA49E2321B435D7823CEC9274E1B687D58E95BB11B86EE15FC2288D131B4965F59624DCFC19BA47F6673CCA93AD130360DE3891ED77D2DAD62C9DB8B582EBACE6C3C3E8440C38DD95BBCFE7C8193094F5F62F037F4C6832952A2B83FE7DE1A5808185E1501A5C29ACF5C995BCEA9A1A431B34
Requested by
Host: a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
URL: https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.57 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:21 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame D40D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2acc044ac4bcbac661b9adf9590dac4c33c60239d12c5db71a5219ab5ac2364

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 50E3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84975e2084041e7a3d385435f6d2df5f8a3a6ec805fbbf28c8a7b6ad8bb8d471

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CF26 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18ff5b82319974132039e8bab9fb8ce4fe7e9fc5cb50278d192c812758f67b3b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
impl.20240201-1-RELEASE.js
cdn.taboola.com/libtrc/ Frame 50E3 		846 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr-2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1704ca0c65c4e7b42faba6dca3571311871df9f07e47e7af17549ac5eb4cc7d7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
Xcq_MESymHbBadi9O9ZUY4zxAdCpnXsj
content-encoding
br
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:21 GMT
x-amz-request-id
DFGXYVXECN1NAYRJ
age
24469
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
179097
x-amz-id-2
tTm3plI45U6N9ihqPrD2Kirzx0UF9wt6lsRLcFnqu3Ek+NrfMKc1i/B1ueJVaY2NGHHfAIHUktw=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 10:19:30 GMT
server
AmazonS3-br
x-timer
S1706807241.055821,VS0,VE0
etag
"8dd41aefc56db0ebc8af2c2a6d163f75"
vary
Accept-Encoding
content-type
application/javascript
abp
43
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
32937
impl.20240201-1-RELEASE.js
cdn.taboola.com/libtrc/ Frame CF26 		846 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr-2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1704ca0c65c4e7b42faba6dca3571311871df9f07e47e7af17549ac5eb4cc7d7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
Xcq_MESymHbBadi9O9ZUY4zxAdCpnXsj
content-encoding
br
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:21 GMT
x-amz-request-id
DFGXYVXECN1NAYRJ
age
24469
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
179097
x-amz-id-2
tTm3plI45U6N9ihqPrD2Kirzx0UF9wt6lsRLcFnqu3Ek+NrfMKc1i/B1ueJVaY2NGHHfAIHUktw=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 10:19:30 GMT
server
AmazonS3-br
x-timer
S1706807241.057104,VS0,VE0
etag
"8dd41aefc56db0ebc8af2c2a6d163f75"
vary
Accept-Encoding
content-type
application/javascript
abp
26
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
32938
sync
gum.criteo.com/ Frame 50E3 		73 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6d3d659f451bcbd8c3646d862a9b34abafa20bf8295b7832a0d3bb982ffa8cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
808242
expires
60
json
trc.taboola.com/forumotion-fr-2/trc/3/ Frame 50E3 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr-2/trc/3/json?tim=16%3A07%3A21.123&lti=deflated&data=%7B%22id%22%3A659%2C%22ii%22%3A%22%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1706784649212%2C%22vi%22%3A1706807241121%2C%22cv%22%3A%2220240201-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2F2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2F2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1%22%2C%22vpi%22%3A%22%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fn%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22300-250%20Thumbnails%22%2C%22orig_uip%22%3A%22300-250%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%2C300-250%20Thumbnails%3Dthumbnails-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c744d62b402e15a6111cd10198a0a79c7aab57a16c4f6312d504d58b00fcbfa0

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
367
date
Thu, 01 Feb 2024 17:07:21 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.5158333333333334
x-fastly-to-nlb-rtt
105963
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lis1490045-LIS
x-log-content-encoding
gzip
server
nginx
x-timer
S1706807241.153201,VS0,VE367
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
gum.criteo.com/ Frame CF26 		73 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0736dc3abc54bf5834a58ba96a2fb13670bbaabbcbe4b4d86adf2ff9335df7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
729939
expires
60
json
trc.taboola.com/forumotion-fr-2/trc/3/ Frame CF26 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr-2/trc/3/json?tim=16%3A07%3A21.150&lti=deflated&data=%7B%22id%22%3A65%2C%22ii%22%3A%22%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1706784649212%2C%22vi%22%3A1706807241150%2C%22cv%22%3A%2220240201-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fa042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fa042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1%22%2C%22vpi%22%3A%22%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fn%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22300-250%20Thumbnails%22%2C%22orig_uip%22%3A%22300-250%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%2C300-250%20Thumbnails%3Dthumbnails-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ca9d4267cda3c079c88f46e52badb7f469519d380a5ea5643a5fd7f524346ea

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
356
date
Thu, 01 Feb 2024 17:07:21 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.651875
x-fastly-to-nlb-rtt
105941
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lis1490045-LIS
x-log-content-encoding
gzip
server
nginx
x-timer
S1706807241.173763,VS0,VE356
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/forumotion-fr-2/log/3/ Frame CF26 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/forumotion-fr-2/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
pragma
no-cache
date
Thu, 01 Feb 2024 17:07:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
usync.js
eus.rubiconproject.com/ Frame BA8B 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
39ac2f855c866a6de013c988860a0a0b8866176bd528b801bb1edbd388430a9d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:07:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Feb 2024 07:43:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52556
Connection
keep-alive
Content-Length
10921
Expires
Fri, 02 Feb 2024 07:43:17 GMT
usync.js
eus.rubiconproject.com/ Frame 2650 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
39ac2f855c866a6de013c988860a0a0b8866176bd528b801bb1edbd388430a9d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:07:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Feb 2024 07:43:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52556
Connection
keep-alive
Content-Length
10921
Expires
Fri, 02 Feb 2024 07:43:17 GMT
usync.js
eus.rubiconproject.com/ Frame 93D4 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
39ac2f855c866a6de013c988860a0a0b8866176bd528b801bb1edbd388430a9d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:07:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Feb 2024 07:43:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52556
Connection
keep-alive
Content-Length
10921
Expires
Fri, 02 Feb 2024 07:43:17 GMT
ping
api.viglink.com/api/ 		261 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.153.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-153-16.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b8849ca4cf0ed46bdc56edafb6bdfb1d63551f43c72c9c6bae1617f1c6c991c7

Request headers

Referer
https://www.op-seken.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 17:07:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.op-seken.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
261
Expires
Thu, 01 Jan 1970 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame BA8B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame CF26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrjzEvqUyc9yJQF9khRJUKB0bJMOhibE11fI_eP3cEQfhu-Rrez0ZdbZZpGxxGOe6ADmzWbhfPxb8-4XIYL0wbl3wdgmmIFGbF8MHhOL9jgumrllu7yDP9a6Ye8B9a3k5B9V1FVqNbvDZgqrpKaGS53aYOFh4d6xFTXR_mbpNb8acAVTSj06NPCYcEASFjeBlQD7lj483ezfF5-JcWCFybMYIMZ67OTe4b9WKz0sEv6V1cdGos76vth4tNibWgi4mDaAsoaFTHmOXINPDY9KhJBsI2EdLBA4GKN1TRs5PWExe_Y2MgiQdlZ358ITTuwSWvTjK1KZVb9z5kwKBFVIItZZ_P6g-0-1l_c1s-2Gft7Roncg&sai=AMfl-YRssbwRPJS9y2i2mSVtBYi0gAb1rKDoH70xp0XymD-dZunzBtggxN4RrjDK6FNH4Bu22xkw7sn4s9i0jjGQiurDomC9PBI6C5HtcKWcyx2iD7uSSJyfWSK4lCfs3z0&sig=Cg0ArKJSzCaLw4CTUwQOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Feb 2024 17:07:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 50E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6ffum-b55X_P18BPfuILwThXwdoZ8Vcsl__FWZWErGcmKITw00V8kBiqGgRtmcnYYJN4mHr5gQmZMnL4DJzFeVyPTqp_X0osQrm2vSYccn-7wx81vuJbNYs3bro4X07ZHRruiyrqU7O2tZN3cWuaacDZdFrFcGW-6u_-MXgnW4C-SFS7JD_cME8B87eQVYD5Fle72y8ScUbTbTKlVASfRgkyjMk8rYCmQeAPwBEFSqf8ThlXS_8ZyUmlxjuwGXHPgmWeMV4wjtSPphZIctv1DRBBYqUyMoZd5UndEhYzakLh-FX4DGwGWVAuRZzlAnbrioFdWAgZXRwSfjvy1AQXc095d0FuzKfHD8uuswIHaklUFBA&sai=AMfl-YQPBJNcKPlT3sNJuq_AN4_dbHRjBKxA4jYcGMXGM-m6bcUUgoSPvmJcYuiPns6JyG0BMgmu8iZkGn9dJTboEh3yvF1eZFw6HV13KokLCKJzDTdGdPc0JN7jl690r0M&sig=Cg0ArKJSzCb0KtK1kKOCEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Feb 2024 17:07:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D40D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMOwhn0WgTfZzgc-WRXlJi1Y5QGjDKHGQUpVZttQgMbbVkpk9KbtAXBGc-wWDxHh4es8jkG4Ad7TDTGHr-W1mYQPnuxPMjSqD3W8ryFrfw7zXPrL4Zv2kqHiUi00exVSEakf4FHyGCYK6zzkp1UgBNUb9l7PWl1Zu68bt5WoUNUhC3z13eyDqxDCVokOWMfrZYhp74BICB259KWn5KIOJR6Nga1FDGC4EXXJlwQPpAzOKM2lXqUvLalOHluqtS9JI1CjviC8LcXqA5IXOjYQFWx5Vw6RNQC_5s-PSBgnSYZhUhqO4lpwpfgFVNYCcv_Js9o9bR9l6EcDRlxmYXgUFcn0J6rYXl4kSp4ARYeLM9BQTt&sai=AMfl-YTQyFrfBoHK1go_17tE00hIPzZ51IASW3hBaAvPsW3ne4sFV5KvfYqDKjMHjq588NIc10nt14Ol8QBFNNipdI-fX5k5PQTjU-YOJV2NChhYOCcmqEBaZLbT_L9KLh4&sig=Cg0ArKJSzLHzOY4UKMBAEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Feb 2024 17:07:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
cfca0003e720b3b1880c0a729a8eb44a954ab340b0b81ef070b8e60d0f795a08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12204
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0339214227387817&plah=www.op-seken.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:07:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5DEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290201&jk=3325261105681921&bg=!NjWlNXrNAAa8BdJLnAU7ADQBe5WfOAy3IMEo69hwE7Sln86Eol2C0r7jRF0Gh8iiBE2viBg0w_5kgn-s8xK1QYrEaA30AgAAAJZSAAAAAmgBBwoAlW8zcC2bGucaECk4UVfJMslsPERfwvAI3bOoi8U_u9VJEdyVVBZUYZnpuq25NfPd003LH-e1eqvfC99fwLXUyODcNbv8BmIRwGitOoijfM6ytNBvbsS-TSeMB4nfWYje_PIIpkx5udLwhYi-Q9xQfJ4XKwM4CA4fg73KOxuuTD6SYV-mrnif9hP0ELXXuJtKxEqSXcAumQLCVmDnsLrJRnjKoz7ggPjUC0GrBBUYcKl7tIRTmKZ3NKNkdHhvZnNGUYOIip2TZ4Xyfm3rlj3dYEs6ekpM0TX1JF6h6MGyisNK5cNukOdguHhDaM9HzRwnpnHmHAfzAUDf7I7BJDLCvZD1z7FhRjK2ZKviBW3F-C3rNHzFwQOsu_xImvsCI-XNxhLPRNtG0aoOCtyWXfbSnzbiZ2GPwnfz-Uim7no_gLGEL4vII5Fv3bjqgaS3Tye5tH4C5ZEFMAmfW9xPZffnpscrBFJfbKo5zwRX8FH9pdg5x7ZOvJmp6MES2JJRDznBs6oR0UsOFPFHiVHuw0eGjNUQbFM1MIyyZu1aU2E7d5GKIUMb6FyV80VYQ2bDmDsOaZK7irs_Kd_-FpG55nd3c6r_KaJ0qZZsSBHCtcPZL8YbYEPoTUCToF-k3X7g46DWypYQnpxdVvwWMYfRPBkLThcVfAMX5PRsjc_DlZK0IO_h98cc7ynKGUyOS2OyFskVH5Qs_dTU67gmLUEpMh3LpRKtnXur6hKX7pQANTYNoNKWbWUl1yfUsWwhH6Ruqn7diUbCI6adG4gjNZAfypPPJgXqIWrWfmVtx167xeZvO7kNzVzIESwZ08dkBcumO8O3EDU-6ow25uxFKm0z-yMtdGf17s0nykw_KD5C8cdlyRsas4sLxYO26Ey0t1ryTBwFqifDNloR8xddOvWwiXt7WYaRT_lTPmtAPGm6OeK-HWizlvEbeRu9vwFVAw0Shuyk-dwTucAo6kysuZPanFxHuRygGFjkmxVgKLt33ngFp2Gar8RcoGXLvyB8Lh_utibfaBQpdrMnUMQA9F3g6OKszfYV-weMQ8S4mJ7qFJ2t7SOriVNHOFw0AG1kY3jLXQlb03pC4kwswqwR0dXHKww09pRiNgWvir_jsLRHU6hruTzxAWAD40Zr9g7Dhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C407 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290101&jk=308512939852761&bg=!qKulq-TNAAa8BdJLnAU7ADQBe5WfOH-0HhCsnI6kFJGC6DK-iETWpTdMyx-F7n9ZhihH7HJMuDooHGmw_W4UriH92Bv0AgAAAIBSAAAAAmgBBwoAc4tfUpFq1KaXXJNs00jkO-daVf4e_bcwHIM5FzZ7dC9PfXt_lZ7cW1I3UpuQm-LGbkIDFeNWcZIjAJwuQFS-7OIHlGx-teJlFfKwoUqHvFSmyrNL0BvapedLFfqbjx-K2s1RwWRKNGghSUVnfz3eAtBmHp2ZAs5od1BuhNWq1zkNSiHexqnc8RNvZCg6GbmOpPoHmfKB0jYgkzeZflWcHgFEyU1kr4Huh9ZxDtgpJUdrOEtqmq20enuwGAVC1aC2Ya2IcABN2kRWk_VIhZZ0tPPqtQ-BQkqBUKaNZGmMczFe7cFy6jAp3ijfptJRjIl68p1oyyU40m_50OoBZeTwIFnF4L-ywzMOA_VQcfO-JwFsXCj1fkZVEtbZ3reS2sYqmAnRUWCF9mEYrW3J5hTaunj9M6_s_Pxqvf6N4qMKs90xFMGfKQVxVgdqgruzINW2Z8EWqXvzJdLhZ_hqxOMflMhK0Py-oB1nKM_hw4ZdKWgbEey3QU_O0hHvOurjfR7IyVJHiKEb-cUa0UUhMuj9W_vsdRw0qttqUbZ1ibYo8INYNPh2HXUa-8XACR6P-wIMV7e9G3LnjUrkTvWZynkyLgL2Fglm2IhAmLtm6u-peWvrUG-6WZwq3Az-ChKyI9mpqH6kictKy1yq7oe56YfnKom8ThY_HV7WHCJGlkcn9gNrgD7pRj-uFRXRRCmMr2nrkWD8HfTRtqAol12pnz6xMjpEcAFTOVBSjCj8Q476w4BJVPz09HghXZYgGfRsBF2dKaz6dmSgsOPHRobkMwX4EKhLRCtf79Px-zI07RNpQ_KvY-Wcy4L5pO_v_T2U0SJChnkr7t_RWPjVc0WTLmfN5cs40Qi9-U372Fcs3CqdtcNUhQKr76TwfC5WBk4lY25SWITz0uH227x4uD78p-9E-RUGGYrpHFzFFpThSVIaFJxk84t3rlYJjXb5NMZnKUJKmv-aPi7dZLWN71Q7d9kXgOSBGnbGNpbnD_2BDH0ZZiQpHCQl3_F0-i1EtrQekLysuyabuNqMswpxEs9uxQ7RADIhB0LkhQd_2gw6Qg-RPP3Woa1BM_KK0QkixnfKy6Pjm70BNxLeKD46ZoWtZGI4YfVBUhoJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F371 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290101&jk=1918573965498456&bg=!vb6lvvHNAAa8BdJLnAU7ADQBe5WfOFAx0J-ZLs_W3oNZsDdcTVjvY_Y5LvMQchacJZ4_V8zxpVnzxX_AYdfZR9gpFmoeAgAAAM1SAAAAAmgBB5kCyKxu-liYUy6A8pFIm7UO0rcaqwPzUj6wU9FXXrj6qYCYdvDUi16V8xp4CsmYqhK1dgoVVBtfwT3tgRrm6ocAuOlNZ8-A4EyG-aVYPUosMdzBJYUeV-YKWwIwSk9Dwot7OR78sfX34MnfzhdikzQa00rksI4DekTaqrDS449el0xAnGzkuw7ikZWRYLZ8eVpsbUHX1JH3h9nyJizv4H5_ImwyJKlFQIgBV3R3FZKr8fsRpGE-sGulRZZH0HXGf1uiIcgLoy5fMlXYtkDuDGoAAXGwqmhl6UyxcIXUriKtn1oxOnTJz8fjj1kGx7Qjda2iyT_qUMPoEF061wq7FscfvpxjuJB0Qc1SJedcNp4u19tHK-6rAAsvgHo_B3fcWcu4k_yjCROnec9i6zOxa7BS7hWhX0wtytZGoALldCTsqr43SsAmGDRfQ0aFkqaVllNqQ16h5HNVQwQHSnY7H45x47hPhJnM6vHoKgx4qGDXNTEcsD767Q_Bndm6EtAzG6FfotR7nFJciVIBjSi8gJZMXWqYns2y0-1VsOCvWkenw5wiqBxhQZmL2nSrDvs3XcVAb-mXBHsfxw7zM2SwnTUgUaxYUYYQwSMIjfVDbIAq4qOAelQr_lE954xtjFVKYRsS4hwnT4kHCr8Qq0rdv69A71k1ElmzQ9SmCTu4PKxPvytrlBMb1B9F00vEiDmb1IVq_CbWZfRrRU7SnOUg5GLO0G88fF10BiCBOltzA9S_qWhON8CfKXhez-bxOaYEpOgWtgv8jjBTMKNYtEerPe7iB8v7ddUp6XrDdpXns9TN1rnA-s-LsyaY8Mxy2qUDAkgTVrkdILuyJ6TyqRxNCDgSmqAsTBgKWsQ_RaGC8lUbck58CnRiG4Rtq9UGGwnec1q6JKx8GR5g3ZMNi3uhsNMFqW0Wq59rDxkhapLYbfO1-_heB2B4lPXPMms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
tb
15.taboola.com/ Frame 50E3 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=forumotion-fr-2&unitType=226&tbloc=&pageType=text&pstn=300-250%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2F2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&encoded=1&uid=8baed82d-7e38-4722-823d-06e942d9b033-tuctcb55549&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1706807241557&tagid=&cntry=US&platform=1&sesid=1388527c5d289ed804aa2c276b4eb318&itemid=/safeframe/1-0-40/html/container.html&viewid=1706807241121&geolat=&geoing=&deviceifa=&appid=&sd=v2_1388527c5d289ed804aa2c276b4eb318_8baed82d-7e38-4722-823d-06e942d9b033-tuctcb55549_1706807241_1706807241_CNawjgYQ4sFEGKHTjq3WMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGidzfrzge6GznlwAA&ri=7b44edebc15c5a1eacd746f80eb1aae3&appname=&cdb=&gdprApplies=true&rid=&sii=-6843676203592666980&oee=true&tpubid=1122530&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=NY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9058&gvv50=9058&gvv61=&gvv62=14386
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3f18b8ea6f5c04464490c3f4ac2add84f7e69cb934c100b85f1ea30c30695e8

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 01 Feb 2024 17:07:21 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1178
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1706807242.599908,VS0,VE203
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20240201-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 50E3 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240201-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr-2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8cdadeafbbab7dbf29c8220ba548aaa6ff9c33f44e5cc2e571d7692b6832438

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
qj_E1VPyYm5UKmgWhMVMXN4N5BhT_nNS
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:21 GMT
x-amz-request-id
39CVYE0JNFC8WGBW
age
24342
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5538
x-amz-id-2
Wt4/yPa4TwFRCG0m5dw3jBCDVwHYsx14AyKTP+EqeaI4Pxa6qU4kKH25yrmKQnVQ5TwOkHsRMHU=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 10:21:36 GMT
server
AmazonS3
x-timer
S1706807242.580970,VS0,VE0
etag
"9b72bc8be85401d3f1b4c210eb7ef2e0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4230
abtests
ch-trc-events.taboola.com/forumotion-fr-2/log/3/ Frame 50E3 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/forumotion-fr-2/log/3/abtests?route=US:CH:V&tvi48=14791&tvi50=9058&lti=deflated&ri=7b44edebc15c5a1eacd746f80eb1aae3&sd=v2_1388527c5d289ed804aa2c276b4eb318_8baed82d-7e38-4722-823d-06e942d9b033-tuctcb55549_1706807241_1706807241_CNawjgYQ4sFEGKHTjq3WMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGidzfrzge6GznlwAA&ui=8baed82d-7e38-4722-823d-06e942d9b033-tuctcb55549&pi=/safeframe/1-0-40/html/container.html&wi=-6843676203592666980&pt=text&vi=1706807241121&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1706807241550%7D&tim=16%3A07%3A21.551&id=1795&llvl=2&cv=20240201-1-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 01 Feb 2024 17:07:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
tb
15.taboola.com/ Frame CF26 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=forumotion-fr-2&unitType=226&tbloc=&pageType=text&pstn=300-250%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fa042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&encoded=1&uid=25d85705-a206-4db9-b1db-2b68973f09dd-tuctcb55549&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1706807241567&tagid=&cntry=US&platform=1&sesid=d63f84f505f71a6f772f49d0317b0864&itemid=/safeframe/1-0-40/html/container.html&viewid=1706807241150&geolat=&geoing=&deviceifa=&appid=&sd=v2_d63f84f505f71a6f772f49d0317b0864_25d85705-a206-4db9-b1db-2b68973f09dd-tuctcb55549_1706807241_1706807241_CNawjgYQ4sFEGL7Tjq3WMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGidzfrzge6GznlwAA&ri=a35734dbf65a8d4577ddcf37c4f86948&appname=&cdb=&gdprApplies=true&rid=&sii=-6843676203592666980&oee=true&tpubid=1122530&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=NY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9115&gvv50=9115&gvv61=&gvv62=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ad08e0cab1b313aac6f3225b21cf9015f9e7e9a9eaf71fc2f0f827930d83639

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 01 Feb 2024 17:07:21 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1141
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1706807242.599803,VS0,VE201
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20240201-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame CF26 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240201-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-fr-2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8cdadeafbbab7dbf29c8220ba548aaa6ff9c33f44e5cc2e571d7692b6832438

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
qj_E1VPyYm5UKmgWhMVMXN4N5BhT_nNS
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:21 GMT
x-amz-request-id
39CVYE0JNFC8WGBW
age
24342
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5538
x-amz-id-2
Wt4/yPa4TwFRCG0m5dw3jBCDVwHYsx14AyKTP+EqeaI4Pxa6qU4kKH25yrmKQnVQ5TwOkHsRMHU=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 01 Feb 2024 10:21:36 GMT
server
AmazonS3
x-timer
S1706807242.591014,VS0,VE0
etag
"9b72bc8be85401d3f1b4c210eb7ef2e0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
18
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4231
abtests
ch-trc-events.taboola.com/forumotion-fr-2/log/3/ Frame CF26 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/forumotion-fr-2/log/3/abtests?route=US:CH:V&tvi48=-48&tvi50=9115&lti=deflated&ri=a35734dbf65a8d4577ddcf37c4f86948&sd=v2_d63f84f505f71a6f772f49d0317b0864_25d85705-a206-4db9-b1db-2b68973f09dd-tuctcb55549_1706807241_1706807241_CNawjgYQ4sFEGL7Tjq3WMSABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGidzfrzge6GznlwAA&ui=25d85705-a206-4db9-b1db-2b68973f09dd-tuctcb55549&pi=/safeframe/1-0-40/html/container.html&wi=-6843676203592666980&pt=text&vi=1706807241150&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1706807241565%7D&tim=16%3A07%3A21.565&id=6915&llvl=2&cv=20240201-1-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 01 Feb 2024 17:07:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk-metrics
ch-trc-events.taboola.com/forumotion-fr-2/log/3/ Frame CF26 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/forumotion-fr-2/log/3/bulk-metrics?tvi48=-48&tvi50=9115&route=US%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
pragma
no-cache
date
Thu, 01 Feb 2024 17:07:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
38861cc9cf771fc11fb0e78aedb38dfa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 50E3 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e9fbfff5f377337717c9fd4f214cd0f3b423818af5b9fd25422b204f8b3223

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Feb 2024 17:07:21 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
age
1915715
edge-cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
212
expiration
expiry-date="Mon, 29 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.usatoday.com/
content-length
15312
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100087-IAD, cache-ewr18153-EWR, cache-iad-kiad7000143-IAD, cache-lis1490045-LIS
last-modified
Fri, 29 Dec 2023 06:49:46 GMT
server
nginx
surrogate-reporting
width=360,height=180,bytes=24096,owidth=1200,oheight=628,obytes=323610,ef=(1,13,17,23,30)
x-timer
S1706807242.595669,VS0,VE1
etag
"3cf5075f7540137cf20c80af3507a469"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7323 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
2402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 16:27:19 GMT
expires
Fri, 31 Jan 2025 16:27:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 373D 		829 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
25ea8bb38acc9d755fd03232352174b1345318598a2351b5906c1d2cf41d42ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qv-Ki8AzVJJfNGwqSmk1uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.op-seken.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qv-Ki8AzVJJfNGwqSmk1uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Feb 2024 17:07:21 GMT
expires
Thu, 01 Feb 2024 17:07:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
38861cc9cf771fc11fb0e78aedb38dfa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CF26 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e9fbfff5f377337717c9fd4f214cd0f3b423818af5b9fd25422b204f8b3223

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Feb 2024 17:07:21 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
age
1915715
edge-cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
212
expiration
expiry-date="Mon, 29 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.usatoday.com/
content-length
15312
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100087-IAD, cache-ewr18153-EWR, cache-iad-kiad7000143-IAD, cache-lis1490045-LIS
last-modified
Fri, 29 Dec 2023 06:49:46 GMT
server
nginx
surrogate-reporting
width=360,height=180,bytes=24096,owidth=1200,oheight=628,obytes=323610,ef=(1,13,17,23,30)
x-timer
S1706807242.600032,VS0,VE0
etag
"3cf5075f7540137cf20c80af3507a469"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
sync.js
api.viglink.com/api/ 		43 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/sync.js?key=18d81f55cfc0fd275a864f494f914b76
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.153.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-153-16.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 17:07:21 GMT
Server
Apache-Coyote/1.1
Content-Type
image/gif;charset=UTF-8
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.viglink.com/api/sync.gif?key=18d81f55cfc0fd275a864f494f914b76
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.153.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-153-16.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 17:07:21 GMT
Server
Apache-Coyote/1.1
Content-Type
image/gif;charset=UTF-8
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/ 		41 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.153.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-153-16.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
f3742624535937e56bb275ff1e8b246136fc29f2ad57d3e1c51286d760b11308

Request headers

Referer
https://www.op-seken.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 01 Feb 2024 17:07:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.op-seken.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7323 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
4236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Jan 2025 15:56:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 373D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240129&jk=1845510207498919&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7323 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A4j0hw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.8/ Frame CF26 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a12ba0f36bd788c565eef1f9855c82ac4e28c17e4dab3a23eb69fa708474eee

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
via
1.1 2b1fd1e1421ca124eaa002817c6c475a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LIS50-P1
age
15444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34040
x-served-by
cache-lis1490039-LIS
last-modified
Thu, 01 Feb 2024 12:49:05 GMT
server
AmazonS3
x-timer
S1706807242.941324,VS0,VE0
etag
"5f731ba1d49a05a7924937ba8f352d03"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MYWF3Fi2-YErqDOTrpqwHLajekX2rhOiTgplSUAKjcZbn1v8_fNrVA==
x-cache-hits
339
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.8/ Frame 50E3 		120 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a12ba0f36bd788c565eef1f9855c82ac4e28c17e4dab3a23eb69fa708474eee

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:21 GMT
via
1.1 2b1fd1e1421ca124eaa002817c6c475a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LIS50-P1
age
15444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34040
x-served-by
cache-lis1490039-LIS
last-modified
Thu, 01 Feb 2024 12:49:05 GMT
server
AmazonS3
x-timer
S1706807242.941324,VS0,VE0
etag
"5f731ba1d49a05a7924937ba8f352d03"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MYWF3Fi2-YErqDOTrpqwHLajekX2rhOiTgplSUAKjcZbn1v8_fNrVA==
x-cache-hits
339
38861cc9cf771fc11fb0e78aedb38dfa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame CF26 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e9fbfff5f377337717c9fd4f214cd0f3b423818af5b9fd25422b204f8b3223

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
age
1915715
edge-cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
212
expiration
expiry-date="Mon, 29 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.usatoday.com/
content-length
15312
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100087-IAD, cache-ewr18153-EWR, cache-iad-kiad7000143-IAD, cache-lis1490045-LIS
last-modified
Fri, 29 Dec 2023 06:49:46 GMT
server
nginx
surrogate-reporting
width=360,height=180,bytes=24096,owidth=1200,oheight=628,obytes=323610,ef=(1,13,17,23,30)
x-timer
S1706807242.052921,VS0,VE0
etag
"3cf5075f7540137cf20c80af3507a469"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 3
38861cc9cf771fc11fb0e78aedb38dfa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 50E3 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2e9fbfff5f377337717c9fd4f214cd0f3b423818af5b9fd25422b204f8b3223

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38861cc9cf771fc11fb0e78aedb38dfa.png
age
1915715
edge-cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag
449522624327100818370829214516785396021,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
212
expiration
expiry-date="Mon, 29 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.usatoday.com/
content-length
15312
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100087-IAD, cache-ewr18153-EWR, cache-iad-kiad7000143-IAD, cache-lis1490045-LIS
last-modified
Fri, 29 Dec 2023 06:49:46 GMT
server
nginx
surrogate-reporting
width=360,height=180,bytes=24096,owidth=1200,oheight=628,obytes=323610,ef=(1,13,17,23,30)
x-timer
S1706807242.086430,VS0,VE0
etag
"3cf5075f7540137cf20c80af3507a469"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 4
st
imprnjmp.taboola.com/ Frame 810A 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=5974485&dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&cmcv=&pix=undefined&cb=1706807242286&uv=3374&tms=1706807242286&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!uf1p_vA!ufm&ru=https://www.op-seken.com/&ft=2&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ae40df39-03dd-415f-9986-0360a6528142&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47d2017484b75e40a82191dfc8ce20bf735d5c966adc1fe5b3093f3bf7a657dc

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Feb 2024 17:07:22 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lis1490045-LIS
x-timer
S1706807242.328651,VS0,VE191
sync
us-match.taboola.com/ Frame C967 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
cf7f08d934b075a196af102248d1ca330b5dd1d8c26cc8a05a099b62d936d51a

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Feb 2024 17:07:22 GMT
machineid
3106
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame CF26 		2 KB
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=5974485&noaop=3&sortOrderType=0&cb=1706807242290&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1594&pt=529297712&tz=-60&viewable=true&ddast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=2&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2393605&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!uf1p_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fa042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca012310dce65846463024db05eb99edd59b9510854948e11e244b1d6286ca8c

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 01 Feb 2024 17:07:22 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1124
x-cache
MISS
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1706807242.314843,VS0,VE283
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
us-vid-events.taboola.com/ Frame CF26 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8015557&crid=5974485&dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&cmcv=&pix=31589837&cb=1706807242286&uv=3374&tms=1706807242286&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vB!uf1p_vA!ufm&ru=https://www.op-seken.com/&ft=2&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1706807240592.9!ts:1706807242286&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:22 GMT
content-length
0
server
nginx
st
imprnjmp.taboola.com/ Frame 146B 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8015557&crid=5974485&dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&cmcv=&pix=undefined&cb=1706807242317&uv=3374&tms=1706807242317&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vB!ufm&ru=https://www.op-seken.com/&ft=2&unm=WIDGET_ITEM&aure=false&agl=1&cirid=dc229410-00e5-4206-b4d2-48ad4ea896c7&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0879d6b397346911db0f576cb68efa6a56aee1a07bd695d1a37932b4d6f9f097

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Feb 2024 17:07:22 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lis1490045-LIS
x-timer
S1706807242.342426,VS0,VE192
sync
us-match.taboola.com/ Frame A22D 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1fad4e11855cd9385e162a14ad98e2d8c29d50467bd0b750c8b6a7eec5566b50

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Feb 2024 17:07:22 GMT
machineid
3107
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame 50E3 		2 KB
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=300&height=168&pubid=169497&tagid=953497&crid=5974485&noaop=3&sortOrderType=0&cb=1706807242319&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1594&pt=-138422025&tz=-60&viewable=true&ddast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=2&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2393605&dpubid=189227&abtst=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vB!ufm&mPre=0.033&cirf=https%3A%2F%2F2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ad075129c7ed11c686540852a89d2154ed274a494a80a6850041dce28ee72de

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 01 Feb 2024 17:07:22 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1198
x-cache
MISS
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1706807242.343132,VS0,VE482
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
us-vid-events.taboola.com/ Frame 50E3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8015557&crid=5974485&dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&cmcv=&pix=31589837&cb=1706807242317&uv=3374&tms=1706807242317&abt=adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vB!ufm&ru=https://www.op-seken.com/&ft=2&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1706807240213.2!ts:1706807242317&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:07:22 GMT
content-length
0
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240129&jk=1845510207498919&bg=!3d6l3pHNAAa8BdJLnAU7ADQBe5WfOJc3v-lxL9pUOXp8XTJVyuQjZXpIc2NWrD-g3HbEd3JFpy1BfKWwl1L-AmSC1OiDAgAAAD5SAAAAAmgBBwoAvwIDY8S-4U9skiBasroSZmMql-O0v9DzZ8mKCYi8xifs6xuUqX6iPHDnVPfPre7QAacYo6hvT57-nPqdQKNq8BQYfZHDh6IY-VbLB_qAgqelfI2-vHuBWL47F7lzqpanLFZuPeyzw2Fu7KeCpC0eaZXMxihdqdCLy7CfTr1ZlbzQIlEidsuW6D2r-fD8TqaJHRwPDP5dZQBkELiCDgiwZVO84LPCMQgEXt1mujV-l_fIHIcoej_S7Tn6nTisR_6bmQK9YKgdSL38O0881UP7enWhkbsTAMTubJARwDS5AgCcMYbQSW1w46e4nE6SpxVRVxdoomC8j2ElEmXvXHgxz8RnNMsLJg2XIBIc8nMBowS0SXoN86gldgigAsb5kwzpRSOaSWoeKPM9_vlgLI-g__Easy93-nQ--5HcTDFwr8GKRJmw3cEuyYLC0zW5jWshXqHcRbK4z5KLrC7bwY4cC_oCRDy3nTYAKXN4Yq83D9MyJQ2-EV6dyUxGD5yy6XEL8dmB4hugdQcTroOFEdiBeRmr3G8Nczfppeg7mHO-0VQL25rtxTbeF4J6Kmnaz-ZzWRjz6HxhGffL46Dyccc_I6kfq0JoaiAOG9jiDbi8WarFKiwWfYItaW8R6kxyQR39wiDror-Oj2US5viqfW1Aiv5F9p2ie-LFx8ix-2Yk3ik94sfcgiszgzNpDEzIGSIG3lHb4iwoucYthJFP3dngOtNL6lpQyChWqWkbihmu-1LsmYRLHpm9JY8mPzn6D_lx2gXlF_7asOWlifpRnrCMhWMRrqOtj66f23arIwNCYGI-9drbySFthBoJnLXYMTa-sjEDWwpbJ8O7PZ4vE8rb5EIiXQPTfTku2xMoQ7ZZf8vsARJYUcs9J-vfW9xLr3qu7h2h9P0NkjX5Da1zt93tE6C_HqijbJ4p_lb1dSHvgikC8rA_UDeJEmb-AX7UxaYVSSbBW38JDcK4NFGfb1opFuYEwlX4GyCLGx9SoMmZJWBzqVUgZQ8-h7IEM8dMpwEK6UkzFfaImQMsBIu4VfRqwmz5bSNRJOCREEechCdTJb7llDunlVhPy2BPG5OsUYSF_g2Hb5nLo5kUDKSxXJ0s74VXuD1OkAlDa2IC6Xw_VSg2z274ok4KDV-OSaSBgMcs-zzPz08euNrIbMdJQohpgUFZHb37wSVffk-ZpMnQSQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.op-seken.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D40D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAZcdZtEs25h2feUQ15VUTk7Vn2yfWO7JavVLVTUESMNBXShcM1Q8vhIy58vemf8GVhinT-iCYKYGkXEhY76jGduZMdUqSbRSQw2Ro8msQ3BMYr1WejzCTRZCojsDamJozGfQcvpDUFMyCFniek3B9iA&sig=Cg0ArKJSzCZKDNwDgNqYEAE&id=lidar2&mcvt=1000&p=723,436,813,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1135666128&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=274004000&rst=1706807240547&rpt=764&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:07:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/forumotion-fr-2/log/3/ Frame 50E3 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr-2/log/3/bulk?tvi48=14791&tvi50=9058&route=US%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
213
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
106052
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1706807243.637334,VS0,VE213
content-type
image/gif
access-control-allow-origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk
trc.taboola.com/forumotion-fr-2/log/3/ Frame CF26 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/forumotion-fr-2/log/3/bulk?tvi48=-48&tvi50=9115&route=US%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
107
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
106077
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1706807243.637345,VS0,VE107
content-type
image/gif
access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_4/assets/css/ Frame CF26 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706349763
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A41AJQRAR41KZM9V
age
457413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1706349763
x-amz-meta-mode
33188
content-length
7921
x-amz-id-2
ZiwaCUB1ktxyhoVa/lajaQ+APJ5dqrGk/Ti+lHTLR5Ak3F3ZMBvXz1ksFjSVTL0e7J6E3TZSGzE=
x-served-by
cache-lis1490045-LIS
last-modified
Sat, 27 Jan 2024 10:02:44 GMT
server
AmazonS3-br
x-timer
S1706807243.646877,VS0,VE0
etag
"f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
52106
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_7_4/infra/ Frame CF26 		378 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d0ebd5ad023c9f2cedc2216ecffea53e1006bcda906740e313767d56ba068138

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706349716
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A416YS3AY3X9H1TX
age
457413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1706349717
x-amz-meta-mode
33188
content-length
87233
x-amz-id-2
RIV4wZuUyyLzJRKlhj+nLJ+sk87exhQfE1ChPb3dGH15uwbWRnM7Zmi0w+SkA3n4KwyKSy29T+4=
x-served-by
cache-lis1490039-LIS
last-modified
Sat, 27 Jan 2024 10:01:58 GMT
server
AmazonS3-br
x-timer
S1706807243.646978,VS0,VE0
etag
"302ca79534720ab07324e36b611f0a2c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
36352
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame CF26 		254 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
x-amz-request-id
4T9HD5F03CQKWW5F
age
15798
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by
cache-lis1490045-LIS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1706807243.735499,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2240
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.9.4/ Frame CF26 		445 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.9.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab13e939fe039c2080efa3bdff3ec320c1dc8d4bbe9546b1b7dc82ef248e0d6e

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706778340
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
06T3T01CBZ1NBJHP
age
28844
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1706778360
x-amz-meta-mode
33188
content-length
85848
x-amz-id-2
EGm8UACAE7Vwbm1fRb1FeNakJPHFhcmyyW8k8RWbiJKdZN5j1SAQ/jP8bCKyScAyAUScaPz7dAQ=
x-served-by
cache-lis1490039-LIS
last-modified
Thu, 01 Feb 2024 09:06:01 GMT
server
AmazonS3-br
x-timer
S1706807243.755549,VS0,VE0
etag
"aa2f24872b611815510f0a86f05fbd70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12228
sync
us-match.taboola.com/ Frame 8FD8 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8dOkCLAa0O8JEZ_tV2RNod4SJzvarsi8AAABgYED8AEm4TIORzbNcCzYjk1u0WM3cyuVwthZsZoOFbTUZLkaTISChzcqwsjl2a-Fs4VuLJquRW7lxTNYai8dhXHlGM5thNgUSMxisJavBQFR0vS12h9PseYM4NJ0On-terzCMJjOHZ-YbDWe-yWq1GS1mG9NyZfK4XLOJaWHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCUFeEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZHcIAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBIdtmZhzNXIPVzLdY2Ga-3WRmWo4Mm8VuYhjORttTd_DZhzIcgt1HYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhghGViPjajdYrRWWwWwtGlmca4ljZHFLJrbhcreZGZYjk1v0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssi_ZNjPjaOYarGa-xcI28-0mM9NyZNgsdhPDcDbaV1Yj42o3WK0VlsFsLRpZnGuJY2RxSya24XK3mRmWI5Nb9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6ZN6o6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpROFZ7TajkcVmWy2MI9NqtxuZPDbPbmOaGWfL0XAilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gF4vV_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMLIJ!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2c89e3f7da140445ce411ea30d40e835e8af1d6eafee8cf3e4abf0c5fb39b6d2

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Feb 2024 17:07:22 GMT
machineid
3104
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame CF26 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
LIS50-C1
age
1689397
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1706807243.770087,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits
53830
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_4/assets/css/ Frame 50E3 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706349763
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A41AJQRAR41KZM9V
age
457413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1706349763
x-amz-meta-mode
33188
content-length
7921
x-amz-id-2
ZiwaCUB1ktxyhoVa/lajaQ+APJ5dqrGk/Ti+lHTLR5Ak3F3ZMBvXz1ksFjSVTL0e7J6E3TZSGzE=
x-served-by
cache-lis1490045-LIS
last-modified
Sat, 27 Jan 2024 10:02:44 GMT
server
AmazonS3-br
x-timer
S1706807243.872278,VS0,VE0
etag
"f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
52107
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_7_4/infra/ Frame 50E3 		378 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.8/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d0ebd5ad023c9f2cedc2216ecffea53e1006bcda906740e313767d56ba068138

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706349716
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A416YS3AY3X9H1TX
age
457413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1706349717
x-amz-meta-mode
33188
content-length
87233
x-amz-id-2
RIV4wZuUyyLzJRKlhj+nLJ+sk87exhQfE1ChPb3dGH15uwbWRnM7Zmi0w+SkA3n4KwyKSy29T+4=
x-served-by
cache-lis1490039-LIS
last-modified
Sat, 27 Jan 2024 10:01:58 GMT
server
AmazonS3-br
x-timer
S1706807243.872462,VS0,VE0
etag
"302ca79534720ab07324e36b611f0a2c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
36353
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 50E3 		254 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
x-amz-request-id
4T9HD5F03CQKWW5F
age
15798
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by
cache-lis1490045-LIS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1706807243.931166,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
76
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2241
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.9.4/ Frame 50E3 		445 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.9.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab13e939fe039c2080efa3bdff3ec320c1dc8d4bbe9546b1b7dc82ef248e0d6e

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706778340
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
06T3T01CBZ1NBJHP
age
28844
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1706778360
x-amz-meta-mode
33188
content-length
85848
x-amz-id-2
EGm8UACAE7Vwbm1fRb1FeNakJPHFhcmyyW8k8RWbiJKdZN5j1SAQ/jP8bCKyScAyAUScaPz7dAQ=
x-served-by
cache-lis1490039-LIS
last-modified
Thu, 01 Feb 2024 09:06:01 GMT
server
AmazonS3-br
x-timer
S1706807243.963433,VS0,VE0
etag
"aa2f24872b611815510f0a86f05fbd70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12229
sync
us-match.taboola.com/ Frame 828D 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8NV0CLAYUQtzqsj9CnhIohLjVZX-EPC0AAABgYED8AAl5LJPlaDFYCwYr11o0GczWEtPIshYNFybTymFczja-ISAZ12rjcmxsa-HGs1uLRr6VW7nYLde6hWcxm_mGm5llZAUSMxisJavBQFR0vS12h9PseYM4NJ0On-teL5k5FsuNabQwuYwTm2c2mDiGC99wZBmuXBOXyzHXPGwum-Xhdtl1fr_P7PI87yanx2F6-u12jd_t1zxsLpvl4Xb5FWvBWjTYC01vs1_jt5seTrvLchea3mb_3L2YAwAAAIAHAFsp1RB-AAEAIgAAAABIAAAAAKAQUOHfgsAFAAAAAAwABVD7GgDGNwg4sxwQ3OU7KP-Wrz8AADxEgAAAEMAgASAwvlICgMSw4AQAAAAAAAAAAIv_____GAB6TsUyBvDf9noAPPgAeCBCoFmEEQAAAIBcwASlI5N0gopFFQAAgnQrAFcAAAIay0ZZH8IAAAAQjFmgh8XvNzvsGr_bZQAAAAAAAAAAzPyf-UcjNAIAkEZ4Uj9czS8gAMCaX0AAADbqBgDgjQCcoEPQisFgdQJidgAAAADu_P___-sBic1wuJrsNq6RZbhcmYyD0cJh2Vh2s4lpZfEshttD15dlnMZB6NlHYgaDtWQ1GIiKrrfF7nCaPfczYYvRajLZLIez5WIyGI6Go9H-DMRkMUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhggGJw6XyTgZuXUrz3At2k0ma-FkM3ILZivnaDJyTgybzVr0-pg-FtdqNVpukWBAzV4EF-lE5re83n7T0293yyxvyUQs0Zws0onssm9shsPVZLdxjSzD5cpkHIwWDsvGsptNTCuLZzHcFycOl8k4Gbl1K89wLdpNJmvhZDNyC2Yr52gyck4Mm81a9PqYPhbXajVa7hu7wWw42E1Gi31jN5gNB7vJaLHv0Bm-q8_ZKG1uLB6XSKo6Prs2p0HhMli806JF2jocfUad1zYRptamnWNiFVolXoPCc_CYJuvNcv25bDvq3ex7MChiieB0kU5EL-PpIpZInhbpRDcxjVYml8XjWG1cC8fK4TH5RrOZcbCyOBYOl2cilihNF-lEr3nYXDbLw-3yK9aCtWiwF5reZr_Gbzc9nHaX5S40vc0W9R8xxHA1V0yGc-VcN1olAAAAAAAAAABLMM10EwAAAAAngxguJ5PdcgFEgIjr-vkkK4fhgY_cFWoABvwIActZrLHHHsxveb39pqff7pZZ3pIpA3igJme2mWcEsVarZQ0AAEAAGwAAQAA33XgTcGbJ2QckBQwAAAAAwI8gB6vh_gGoEGu1Wj5frNVqCfz___8nCAAAAAAAMCJmEAAAAAAAAEcG!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
453a2420c7fb3742b60dae9c7d33675eeba217644b4322e99f3b6ca950b7869a

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Feb 2024 17:07:23 GMT
machineid
3109
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 50E3 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 01 Feb 2024 17:07:22 GMT
via
1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
LIS50-C1
age
1689397
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1706807243.975134,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits
53831
cmAdService.js
vidstat.taboola.com/vpaid/units/33_7_4/infra/ Frame CF26 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1894e7da8586329e77e4fa5f435e9ee038ba9381201bbfdae773dac9426aff8c

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706349751
date
Thu, 01 Feb 2024 17:07:23 GMT
via
1.1 68c9162ccc29f8f3ca30be36950cea58.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LIS50-P1
age
457413
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1706349752
x-amz-meta-mode
33188
content-length
11619
x-served-by
cache-lis1490045-LIS
last-modified
Sat, 27 Jan 2024 10:02:33 GMT
server
AmazonS3
x-timer
S1706807243.045273,VS0,VE0
etag
"10cfb95a9f6604f40429aaa8b011381b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
fJgLlgkUmWnL3yb5WvTPEH7IiVFm1vArvB0JVU8Vz-LKFwZ0fF6xMg==
x-cache-hits
51006
cmAdService.js
vidstat.taboola.com/vpaid/units/33_7_4/infra/ Frame 50E3 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1894e7da8586329e77e4fa5f435e9ee038ba9381201bbfdae773dac9426aff8c

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-mtime
1706349751
date
Thu, 01 Feb 2024 17:07:23 GMT
via
1.1 68c9162ccc29f8f3ca30be36950cea58.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LIS50-P1
age
457413
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1706349752
x-amz-meta-mode
33188
content-length
11619
x-served-by
cache-lis1490045-LIS
last-modified
Sat, 27 Jan 2024 10:02:33 GMT
server
AmazonS3
x-timer
S1706807243.240941,VS0,VE0
etag
"10cfb95a9f6604f40429aaa8b011381b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
fJgLlgkUmWnL3yb5WvTPEH7IiVFm1vArvB0JVU8Vz-LKFwZ0fF6xMg==
x-cache-hits
51007
cds-pips.js
cdn.taboola.com/scripts/ Frame 50E3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:23 GMT
x-amz-request-id
34JX8Y03SWNT03E9
age
3150
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
tKY7uSbBI84jEiBWgM20dN7BHwa/X0Lwnkmyh6UvHgqkBOkP9eBH4mkb2r0IETHVU/jJdhsVLp63b7rYp+J9oA==
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1706807244.569752,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
66
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
5004
eid.es5.js
cdn.taboola.com/scripts/ Frame 50E3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:23 GMT
x-amz-request-id
FE0VR0S8K10DBPXN
age
14779
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
jRcNi9sjjNItzWK/Iatl9arb6Jnft5MSo+k+Yq/pFnD6U4N3NCdXlIkpz6CFLTxh2KHJ5BAylo8=
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1706807244.569724,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
72
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
8572
cds-pips.js
cdn.taboola.com/scripts/ Frame CF26 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:23 GMT
x-amz-request-id
34JX8Y03SWNT03E9
age
3150
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
tKY7uSbBI84jEiBWgM20dN7BHwa/X0Lwnkmyh6UvHgqkBOkP9eBH4mkb2r0IETHVU/jJdhsVLp63b7rYp+J9oA==
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1706807244.590026,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
57
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
5005
eid.es5.js
cdn.taboola.com/scripts/ Frame CF26 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240201-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Feb 2024 17:07:23 GMT
x-amz-request-id
FE0VR0S8K10DBPXN
age
14779
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
jRcNi9sjjNItzWK/Iatl9arb6Jnft5MSo+k+Yq/pFnD6U4N3NCdXlIkpz6CFLTxh2KHJ5BAylo8=
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1706807244.589988,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
98
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
8573
/
pips.taboola.com/ Frame 50E3 		4 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by
cache-lis1490039-LIS
date
Thu, 01 Feb 2024 17:07:23 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
pips.taboola.com/ Frame CF26 		4 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by
cache-lis1490039-LIS
date
Thu, 01 Feb 2024 17:07:23 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 50E3 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=8baed82d-7e38-4722-823d-06e942d9b033-tuctcb55549&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Feb 2024 17:07:24 GMT
cache-control
no-store
server
nginx
/
cds.taboola.com/ Frame CF26 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cds.taboola.com
URL
https://cds.taboola.com/?uid=25d85705-a206-4db9-b1db-2b68973f09dd-tuctcb55549&mbl=ZmFsc2U=

Verdicts & Comments Add Verdict or Comment

324 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| $ function| jQuery boolean| imageTag boolean| theSelection string| clientPC number| clientVer boolean| is_ie boolean| is_nav number| is_moz boolean| is_win boolean| is_mac object| selectId function| helpline function| getarraysize function| arraypush function| arraypop function| checkForm function| emoticon function| emoticonp function| emoticonw function| constructBBcode function| BBcodeVideo function| bbfontstyle function| bbstyle function| FindXY function| selectWysiwyg function| mozWrap function| storeCaret object| html string| document_dir object| item number| mouse_y number| mouse_x function| get_mouseX function| get_mouseY function| get_mouse_pos function| showhide function| insert_search_menu function| insert_search_menu_new function| insert_plus_menu function| insert_plus_menu_new function| insert_plus_album function| insert_plus_album_new function| insert_plus_pic function| insert_plus_pic_new function| link_bbcode function| ShowHideLayer function| ShowHideMenu function| expandLayer function| fa_endpage function| hdr_ref function| hdr_expand function| hdr_contract function| hdr_toggle function| select_switch_col function| disabled1 function| disabled2 string| agt undefined| originalFirstChild function| createTitle function| destroyTitle function| my_getcookie function| my_setcookie function| writeCookie function| expandAllLayer function| check function| checkBySel function| refresh_username function| refresh_username_new function| timestamp function| insertChatBox function| insertChatBoxNew function| insertChatBoxPopup function| showMenu function| action_user function| hideMenu function| js_urlencode function| ajax_refresh_chatbox function| ajax_submit_chatbox function| ajax_refresh_chatterlist function| insert_chatboxsmilie function| change_display_by_icon function| switchuploadaddress function| do_mark function| checkreport function| insert_smilie function| unban_user function| checkmodcp function| check_rotation_radiobuttons function| select_switch_search function| verify_select function| select_switch_line function| select_switch_privmsg function| GetParam function| google_afs_request_done function| set_solved function| bbstyle_table function| display_upload_servimg function| display_upload_imageshack function| onMessage object| gw_window object| gw_style number| offsetx number| offsety number| curX number| curY number| distX number| distY string| obj_ietruebody function| gws_show undefined| elem undefined| divHeight undefined| mouseX undefined| mouseY function| returnNumber function| resizeElement function| resize function| stopResize function| update_dst function| ajax_exec function| div_marquee function| togglePostMultiQuote function| initPostMultiQuote function| initSetFunction function| runLogInPopUp function| privmsg_add_username function| resize_images function| FM_widget_share object| FA function| SystemPoint string| b_help string| i_help string| u_help string| q_help string| c_help string| l_help string| o_help string| p_help string| w_help string| a_help string| s_help string| f_help string| k_help string| e_help string| r_help string| j_help string| v_help string| m_help string| d_help string| t_help string| g_help string| x_help string| y_help string| z_help string| h_help string| sp_help string| wo_help string| ft_help string| jt_help string| sub_help string| sup_help string| tab_help string| hr_help string| fl_help string| vd_help string| _help object| bbcode object| bbtags function| change_categorie object| google_tag_manager object| google_tag_data object| dataLayer function| doFollowAction object| _toolbar function| _manageStateAndCSS function| _moveUp function| _moveDown function| _onResize function| _delItem function| _addItem function| _readItem function| refresh function| _setConfig function| compileNotif object| Toolbar function| gtag function| setScreen number| width boolean| isMobile object| CriteoAdUnits function| CriteoAdblock object| _userdata object| _lang object| _board string| GoogleAnalyticsObject function| ga object| adsbygoogle object| _taboola object| Criteo function| urlB64ToUint8Array function| updateSubscriptionOnServer function| subscribeUser function| unsubscribeUser object| twemoji object| _gaq function| AT_adFillSlot object| googletag object| gaGlobal object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_149 object| Criteo_149 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| MONOMER function| FA_OBJECT function| FA_FORUM function| FA_TOPIC function| FA_LOGIN function| FA_LOGOUT function| Fetcher function| MONOMER_MODAL function| extendDefaults function| buildOut function| initializeEvents function| transitionSelect function| _bridge_post_deferred function| extend object| monomer function| Switcheroo function| vglnk string| cname number| cpos object| jQuery17205993317832975924 object| gaplugins object| gaData object| _gat function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| compteur object| tiButtons string| tiClass function| useQuerySelector undefined| div undefined| span undefined| result undefined| currentElement undefined| elementClass function| _replaceElement function| topicit_action function| isInt boolean| __v5k function| vl_cB function| vl_disable object| TRC function| _typeof object| _tblConsole undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| m101 boolean| mtz101Loaded object| config function| shoppingWidget function| priceComparison function| autoLib function| observeDom function| init object| google_llp function| vglnk_17068072412176 undefined| vglnk_17068072412177 object| cookies number| j object| GoogleGcLKhOms undefined| vglnk_17068072416009 function| delegateEventListener

23 Cookies

Domain/Path Name / Value
.www.op-seken.com/ Name: _fa-screen
Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.discordapp.net/ Name: __cfruid
Value: 45c3ff7696f62e24068c9747bd93496be206d05f-1706807238
www.op-seken.com/ Name: toolbar_state
Value: fa_show
.op-seken.com/ Name: _ga
Value: GA1.2.1911416362.1706807239
.op-seken.com/ Name: _gid
Value: GA1.2.1178716399.1706807239
.op-seken.com/ Name: _gat_gtag_UA_144388882_1
Value: 1
.op-seken.com/ Name: __utma
Value: 122785365.1911416362.1706807239.1706807239.1706807239.1
.op-seken.com/ Name: __utmc
Value: 122785365
.op-seken.com/ Name: __utmz
Value: 122785365.1706807239.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.op-seken.com/ Name: __utmt
Value: 1
.op-seken.com/ Name: __utmb
Value: 122785365.1.10.1706807239
cdn.taboola.com/ Name: abLdr
Value: 24
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 4c649eca-e080-47da-b85e-bbd698051ad7
.op-seken.com/ Name: cto_bundle
Value: tgrPCl90SktoJTJCJTJGOHk1RGV6TmYwTTFWSnhUeWZZUTNXMGRReWF5NHd0OWNhQWxGU2QxMTFndSUyRlJQRXA0WHpjcHRWTVBsSmZYV3ZNNHl6emtqSjRyY3NSNGs0enBxdVVndTI0a0hHdFAxdzVTRmQ4dk8zQ0U5OEF0eDlEVm14MHNkaUhvYUNsVVltOFlaN2tuWWVYQnZOd3NYZkElM0QlM0Q
.op-seken.com/ Name: _ga_ZSSLCPJ9BZ
Value: GS1.1.1706807238.1.0.1706807240.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmOb6Ad4UVBgNy0UnnMAU5lsxxM3VilHcHg5aK4PgjH06JPk2EJnrqoCJffehs
.op-seken.com/ Name: __gads
Value: ID=b1460f711d82499e:T=1706807240:RT=1706807240:S=ALNI_MYleeNGycGyLEhUhCRJDjJiJLXW9A
.op-seken.com/ Name: __gpi
Value: UID=00000d4df4ce9f1b:T=1706807240:RT=1706807240:S=ALNI_MaQi9r3nOiU7TqDwC_uA-tuWkWUsQ
.op-seken.com/ Name: __eoi
Value: ID=1cac9bdce0814161:T=1706807240:RT=1706807240:S=AA-AfjbOeAw9-xhLixD3Vk35Ozib
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rubiconproject.com/ Name: khaos
Value: LS3GYNPH-1E-I98R
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6Bv28R7cckhDBT+ooZ/4y4gmVUTBt0LIMvaY8UyM6OJoCV4wC7TSWS246Js1cdFq4gmGweUluV0N71iWSnWCbgaIo8tEQuGXfEYuY/fSI0kfg==

76 Console Messages

Source Level URL
Text
other warning URL: https://www.op-seken.com/(Line 556)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.op-seken.com/
Message:
Refused to execute script from 'https://api.viglink.com/api/sync.js?key=18d81f55cfc0fd275a864f494f914b76' because its MIME type ('image/gif') is not executable.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.op-seken.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
2f119c44ade8bf360b18a78d28e5bee1.safeframe.googlesyndication.com
2img.net
66b14c242704f8b86c7cd685223e6f51.safeframe.googlesyndication.com
a042fa3f748f72553416c49edce56b4a.safeframe.googlesyndication.com
ads.rubiconproject.com
ajax.googleapis.com
api.viglink.com
beacon-ams3.rubiconproject.com
bidder.criteo.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
ch-trc-events.taboola.com
comparisons.sovrn.com
connect.topicit.net
eus.rubiconproject.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
i.ibb.co
i.imgur.com
i.servimg.com
illiweb.com
images.taboola.com
imprnjmp.taboola.com
media.discordapp.net
pagead2.googlesyndication.com
pips.taboola.com
region1.google-analytics.com
sd-g1.archive-host.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.aht.li
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.op-seken.com
www.zupimages.net
zupimages.net
cds.taboola.com
104.16.85.20
104.21.233.198
104.21.235.75
104.21.31.159
108.157.4.7
141.226.124.48
141.226.224.32
141.226.224.48
141.226.228.48
142.250.184.193
142.250.184.227
142.250.185.104
142.250.185.136
142.250.185.238
142.250.186.106
142.250.186.130
142.250.186.162
142.250.186.68
146.75.120.193
151.101.129.44
151.101.193.44
162.159.128.232
162.19.58.161
172.217.16.202
172.217.18.2
173.194.76.155
178.250.1.11
178.250.1.3
178.250.1.8
18.239.36.96
188.114.96.3
188.114.97.3
188.165.2.137
188.165.46.1
213.19.162.51
213.19.162.57
216.239.32.36
216.58.212.130
216.58.212.161
23.197.120.249
54.38.45.96
63.34.153.16
69.173.144.139
88.221.125.233
94.23.159.185
01612dc8ccf5c04c11ca1d920398c6dfd70a8895e3e429aa0ee9df542119ff79
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0736dc3abc54bf5834a58ba96a2fb13670bbaabbcbe4b4d86adf2ff9335df7d4
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0879d6b397346911db0f576cb68efa6a56aee1a07bd695d1a37932b4d6f9f097
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0a4d89d204d7d07b2a47482a88650e650dae5324aab5174fcde0543dd99c56d6
0a80d0974f5d9bcdadd06193a1892fd4f8021cd7b7019e3a6fe93894614c84b7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13de4d229b913002c98724062700774cc4ffd88c4a41b1f6f3d9a2a56d09134e
155330b787cf594776e3a108d9172ff9a579370b8b386242dcb35a30b18dc3a8
1704ca0c65c4e7b42faba6dca3571311871df9f07e47e7af17549ac5eb4cc7d7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1894e7da8586329e77e4fa5f435e9ee038ba9381201bbfdae773dac9426aff8c
18da20645314d15a60fbcc38b2b01c944e9deaec5365364aa0136837d923c81f
18ff5b82319974132039e8bab9fb8ce4fe7e9fc5cb50278d192c812758f67b3b
195c5964d47cdb48f7db6a2df54b19165d2ce9f698dabe81333f5cdd727af473
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1b4b01f99e97e24f99454899af89ca970fa7183e9d77ed2d87c1f6ef9779be0f
1d7e58ef8b62b2bba5098f53f4b7ef34580ca1ce21175bb26b23b3e0d803601d
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1fad4e11855cd9385e162a14ad98e2d8c29d50467bd0b750c8b6a7eec5566b50
2000293b9d93e2ce2c4d547ff1d9cc848e64f20c9673f48560f41cfc0cffc14b
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
2122cc2d6a9e138c3b4035d403cd2760bc3491e3f00da7211abaa80557de0b3b
2158bfb3ea9d982822471e8de3aebb825078e10a712ab289568194aa7102f6fc
23165508a29c3f5eb3ce98bc28d3dec9a879b796249cedb65a287de1038a68d8
254d98d620dbe39d7c73e2a4de0253736f0edb05f3f89f191d985a81a1eaef0c
25ea8bb38acc9d755fd03232352174b1345318598a2351b5906c1d2cf41d42ac
2c89e3f7da140445ce411ea30d40e835e8af1d6eafee8cf3e4abf0c5fb39b6d2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d631ee878ada2beba76942d8fb00eb60edaa5538d2925541e7174b7c5b1bb49
2efc5fed19f324b6ca6a4b417261fe7fdb2defe072f3ddd3310749233e27da7e
2efd5b088456b5b350cdd2afd4e91b4bb44217e2c212a5d150f96ffa185752f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3334e89f8943974d08d81111301ebef704f8ab80fae99b8259268dd9ae22181b
34d632477a31afce9ad42cf6e28ae23e38c64d106e320f3b3b57aea7ea3f3bb5
3857ce7db410cfeda3c7fbb6aebf30d5465f43096f2e038ce878b2b238e92159
39ac2f855c866a6de013c988860a0a0b8866176bd528b801bb1edbd388430a9d
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3bf48ce656a37c462dca0e93a448a9b6de85c5980a094ecf5d6c78c25e822aa1
3c156925f01bf6c4c8c200457e8ca51005e2a6e3f782e08846a1fb2a391d6d2e
3eb388f6f9e3c070b752a3594cf732d01dcde1ca8f8bedcd0e7bd7397b24ecbe
3ee1767e54f583a814728f38b09c7ec7689ec1ee947fc5afda4ea0edebbee771
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4414c9b51a0fa6a9c5b1ed99a5bfc65044a8b525b4ff92e1167299a46c4f8a3e
4487b64fd8d779b738404d215a2af5a084edc3191f6206864cf556cf025058ea
453a2420c7fb3742b60dae9c7d33675eeba217644b4322e99f3b6ca950b7869a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
47d2017484b75e40a82191dfc8ce20bf735d5c966adc1fe5b3093f3bf7a657dc
4a931f46d9166bc8495323af5703d55118a83b54c1bf527d1b99813c231ed79c
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
4cafa97c620f0e83a82d4068ef5164f36687061a1045a3d5a1f721cfb8ca0b4d
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e310aa73d91ee625c486996091038f7878797edaa00d01526e524866fa0da9e
4eff61e552e3fac24e8635a2619af9838dd3140f405343917e4e160eed023094
50961ce813f62e93c1c34226125aba7d61d8d2c1cdbcc17e3548f0d907d72ffe
52624e8315b890b41cdf5c43f742894cbd1fa0eaaf18d2fe2e7d27fb3ff69f05
52b4986e888e5a7ad231fd0ec5375f9354d498842fda6049b2b8fa7ff9ba561e
537881bf102d49cdf7b70112fa599498cc88a30151f9c15f2a03e7b96c57260a
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c351a9d6adfcce879874b9a424c41a37447a61e0cbc642ae93bad8e142ff4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5835b472a02709b7955b0478e6c11f402cb03e2e132cb1f73fbec75c3ac6f434
5b9458f9c1086061c0be6dad8c46673c548b9324cee81313ae6d48bf7fb0afde
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e0a986946ba89ec13dda7ae6f315881f0b3847e9a3eaec2dbccedb52d29cee7
5f1c9e0573f458da46fefcfdc8a8b60e52c6b2b1890b6e21f507850ed9b71bf8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ad075129c7ed11c686540852a89d2154ed274a494a80a6850041dce28ee72de
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d3d659f451bcbd8c3646d862a9b34abafa20bf8295b7832a0d3bb982ffa8cc9
7359ce19d5d8538d1fb1c91c7f579af97d4b7064e3be3b049d91913191c735a9
772d6b32d0fb6d5a0e8942b49bd73d08527185999bcf6a797d6c318d333c36fb
7b2e1a1c83d0967b70d7ae20a083652d848ee27eac7aaf6cd44a2988ffbed43a
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
828767fbeb1fd6669664e2017314c590e3ed617df4a258a6ad788f8328c37999
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84975e2084041e7a3d385435f6d2df5f8a3a6ec805fbbf28c8a7b6ad8bb8d471
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a12ba0f36bd788c565eef1f9855c82ac4e28c17e4dab3a23eb69fa708474eee
8ad08e0cab1b313aac6f3225b21cf9015f9e7e9a9eaf71fc2f0f827930d83639
8ca9d4267cda3c079c88f46e52badb7f469519d380a5ea5643a5fd7f524346ea
8f69cd37684d5c43a15d64f0ce5c388b366364d7228beba90e9f489b87d2511a
92b4d0862de01f2c47e32b88fd209c7e989cf6917fa007cec6c07227a0cf872d
94612a724fdd4d0ee8515592f919ea1a59b98c80ff0e2ba20ac4ec09261d346c
96a989309829d1470db73f94c211aae9524089e971703dec21cf7cefcb975f86
9720c8d8c40b3c68ed78efce79054814f4bb609de588f0065465c04f7b0d8329
98c86408edc4e06886d20529bdf1b11e6d495400327d3a5d2919ce4814497657
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4
9d16ff835091825b0e94277b451a884494972381db9e37ec2d9fc8c19d62fc97
9f6697e701aea7e2d09b36dfda424211cb0cb3e2fa8e7d4d8a8170ba61db920f
9f6bae7cf57429e3a4ab1add40064fdc7f999f3bfae45665a9b55f5d7dd36779
a32c3737c5f7c4b2318e414a9070d3eab3297edd2b10c181d8effa39da5d5bcd
a3f18b8ea6f5c04464490c3f4ac2add84f7e69cb934c100b85f1ea30c30695e8
a43615aec07695acd12b335bd5e354d23593601daace93df7fd84d885545255f
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057
a9fdfd6482e324811325ba1c3ed97b7ab3aee9096c41d7a61143fafd8612a6e6
ab13e939fe039c2080efa3bdff3ec320c1dc8d4bbe9546b1b7dc82ef248e0d6e
ab5c8a09562acc089e53a4885ca0531e9794bc7c75c438d24939048e97fccbef
abbba1651a849097efbed11068de0c74f2eafbdce07de39720f198d7572b6138
add844aa7c7d190d8068311aff59f669e78b1574899348320d18c52410e1aa88
aeac572638db43cfeca3ae0a3e708ed051b42341f5823725bdaa03a8e307e049
af6e91e30258cc1b262d2f10f308514cbc6ede7ac3f59ffff0208dfa1e05dfe7
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b025bf90a853800256af4c9a7b81cac009ca2c79f0147f1730759e64b12b646d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43fbd73a7f6a097750b1c13702b908932ec5bfb60a49ed4c9d1479785f8901a
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b8849ca4cf0ed46bdc56edafb6bdfb1d63551f43c72c9c6bae1617f1c6c991c7
b8cdadeafbbab7dbf29c8220ba548aaa6ff9c33f44e5cc2e571d7692b6832438
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bdebebf4f450d61bd486e99169a7ce38812de0ceb846359df4554aed81966a62
beb3a38a6585a3d2897f5177d6885637c396b6a52032f5a8ade3f16c695aed14
c15429e08c9db9f87283d566cb5bda9663b1fa394452c8eb0d63f38c54394a8d
c2e9fbfff5f377337717c9fd4f214cd0f3b423818af5b9fd25422b204f8b3223
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c744d62b402e15a6111cd10198a0a79c7aab57a16c4f6312d504d58b00fcbfa0
c87479f2b3cbd4f3c20abc5722fec3de876ea01866ed76756eb7bf5febfd19c9
c95b04709c6b226d82020a86c0c6387f31c182c94de9b9391dd1ebcde1caf846
ca012310dce65846463024db05eb99edd59b9510854948e11e244b1d6286ca8c
cbe55cf03cc55135ee2553ae6f679c83221df1a44e9c4a026b5e0190dca98791
ccbae6ac935132b577ba081acc709b6cf29777fcb81635c889341c01bb2364ca
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf7f08d934b075a196af102248d1ca330b5dd1d8c26cc8a05a099b62d936d51a
cfc10bf4bc59d1e6f154a4aabcb5191e096b20bcea34729a3d586bf54c9b81d9
cfca0003e720b3b1880c0a729a8eb44a954ab340b0b81ef070b8e60d0f795a08
d03263e66b01c8d19c410de3be4e37f5fb6a2f4ecabc15682136134c3ac4163b
d0ebd5ad023c9f2cedc2216ecffea53e1006bcda906740e313767d56ba068138
d18d3163a9ee9bcf0c87874656955359f33ac9c063529ce985c94ca0b5569d12
d38babcd2d2047c15e60b7075d9a9b0d9b522fb7fd4b3bf07a910cd26e010877
d52acbbbe5422bf228eee6359e7885a9da68a8d90c9288c91edce9dea47c0829
d56b398ad69f7232bedfb0df3bafe2626d06c9306cacf9d4e1d8b88e4e168d84
d744a7b07a492d4769e9b44c87e4023dc352aee9ac2c4a9a92ee1f01f17c1f26
ddac5c645760257ca729f54d1adfb2e274f70678e1d60d582a9b9b11bc1358a2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
e328b05ec4c18201f63c6131e52d2f01f7cc9e946af3406ff00ad10e26d2f8ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf26f8899f1edaa18fe0155e62d11f537bdcef1ad19ac513cfa875d0709286
e4d290944894c7b267ef16999d322ba3a27ece68927fa5eb983751320a8f3da9
e913a8990c885bd71ef289a424530af23b9aa3e431085874a2ed8681d93f95b7
e959b472d2f44e695b51b3fa649319f1e89b321244cf722359e974c6e4dbcddc
ea8f6795f50317f065b87a204889735f8ea7071ac5f0024d9def8262de7063a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2acc044ac4bcbac661b9adf9590dac4c33c60239d12c5db71a5219ab5ac2364
f3742624535937e56bb275ff1e8b246136fc29f2ad57d3e1c51286d760b11308
f3eea5ae42d8acc9c6ae23c409a9221db1a6696653e3459af55920c957a2a3ea
f566a8ac28194750e2c5cd5a89af8ff420be2d86706923fd3a7fb1e816e831de
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd7af3121e200f69273d3f46301d22be621a238ecf000ed803c9ba3b9a005b02
fe7b2420730266b912eff1cbf5220addf984dda788ace02cbc7e907217cb0bd2
ff800babf67b069193af1b7442f250df9823fac5adda2698653229b0901ba3d3
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876