bemblogado.com.br Open in urlscan Pro
192.185.215.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bemblogado.com.br/
Effective URL:
https://bemblogado.com.br/site/
Submission: On November 29 via api (November 29th 2023, 4:25:29 pm UTC) from US — Scanned from DE

Summary HTTP 204 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 20 domains to perform 204 HTTP transactions. The main IP is 192.185.215.219, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is bemblogado.com.br.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 16th 2023. Valid for: 3 months.

This is the only time bemblogado.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 58	192.185.215.219 192.185.215.219	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	138.201.84.244 138.201.84.244	() ()
1 3	138.201.63.150 138.201.63.150	() ()
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	() ()
1	167.233.14.134 167.233.14.134	() ()
1	2a0b:4d07:101::1 2a0b:4d07:101::1	() ()
1	3.11.123.127 3.11.123.127	() ()
1 2	142.250.186.70 142.250.186.70	() ()
204	27

58 192.185.215.219 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: vega-ip07.prodns.com.br

bemblogado.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.52 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.244 (None, )

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.150 (None, ) 1 redirects

ASN- ()

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (None, ) 1 redirects

ASN- ()

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (None, )

ASN- ()

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (None, )

ASN- ()

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.123.127 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (None, ) 1 redirects

ASN- ()

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	bemblogado.com.br 1 redirects bemblogado.com.br	12 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	525 KB
30	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 5994599.fls.doubleclick.net	299 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	156 KB
7	redintelligence.net 1 redirects hal9000.redintelligence.net hal90008.redintelligence.net	256 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	192 KB
2	retailads.net 1 redirects cdn.retailads.net	6 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	138 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	81 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	webgains.com track.webgains.com	2 KB
1	office-partner.de adv.office-partner.de	923 B
1	futalis.de futalis.de	401 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 adservice.google.com Failed	255 B
0	medialead.de Failed pv.medialead.de Failed
204	20

	Domain	Requested by
58	bemblogado.com.br	1 redirects bemblogado.com.br
22	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com bemblogado.com.br
18	pagead2.googlesyndication.com	bemblogado.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
16	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net bemblogado.com.br
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	fonts.googleapis.com	bemblogado.com.br googleads.g.doubleclick.net hal90008.redintelligence.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90008.redintelligence.net
4	www.googletagservices.com	googleads.g.doubleclick.net bemblogado.com.br
3	hal90008.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90008.redintelligence.net
3	ad.doubleclick.net	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net bemblogado.com.br
2	5994599.fls.doubleclick.net	1 redirects bemblogado.com.br
2	cdn.retailads.net	1 redirects futalis.de
2	s0.2mdn.net	googleads.g.doubleclick.net
2	www.googleadservices.com	bemblogado.com.br
2	www.googletagmanager.com	www.google-analytics.com adv.office-partner.de
2	www.google-analytics.com	bemblogado.com.br www.google-analytics.com
1	track.webgains.com	bemblogado.com.br
1	adv.office-partner.de	hal90008.redintelligence.net
1	futalis.de	hal90008.redintelligence.net
1	www.google.de	bemblogado.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
0	adservice.google.com Failed	5994599.fls.doubleclick.net
0	pv.medialead.de Failed	hal90008.redintelligence.net googleads.g.doubleclick.net
204	28

This site contains links to these domains. Also see Links.

Domain
www.baraodeitarare.org.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
bemblogado.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-10-16` - `2024-01-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://bemblogado.com.br/site/
Frame ID: 731949F15D23FD2BD44D324B963A6EF8
Requests: 85 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 366839163F9B58D6404AB011697B5E99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&adk=1812271804&adf=3025194257&lmt=1701275127&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127121&bpp=3&bdt=881&idt=250&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8052499195794&frm=20&pv=2&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=276
Frame ID: 965D835CB1D2182C98EBC8CC4585A979
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=1313107541&pi=t.ma~as.3741984719&w=728&lmt=1701275127&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127124&bpp=1&bdt=884&idt=280&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=284
Frame ID: 6479D000F6A8F17B5CB34581C68E7400
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1701275127&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=284&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=286
Frame ID: C8373183548F789831234D863D85EB5A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290
Frame ID: 30FE35594C04074877390A2005C842F5
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV3fzHMZ2gxluR7w2eL2Xxd_uPkI3_KLomDQTbOe2fW1FKapYljOLpgharkASfp6yWrT7tN_zRPjlr8b7dt8wUMjQ5t75U7Nok5JNtggnz3-uTx-TXqvmGF7BKhrIZod-s8bH5X0ipm0GrveryJVw_4QZAo_nf-AkG4ae4BlEz0R0WqsGo
Frame ID: 53B082E856B416F3C2704CE9846DAA20
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 0CC4973ABA47E9887121C65D73EF2675
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRC8jn4Y2LjO_gEwAQ&v=APEucNXKAwWLN68k75OlbW-AuNjP1mOi4Rtb1IXsdPPyb877bPd7zTMiYP6oCTzR8_BEdNG9VJdjseDqM6zwNJ4Yg4SGKRXzEAestpN-RHbJxq63lM7U0h50Gu9PR7TBDVw6IXjxZn-Yq9-QypS78Z3xNMvoGN3ixAkbW0NCBYp3yT8GQEGBiMg
Frame ID: ED05401932FB06120BD7012A0CA0CF5A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4C35EC8277AD210A68CAB352D0F392B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F8AAEFA449D810EC2B84407DC3B5549E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701275128&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275128886&bpp=1&bdt=2646&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd2c44846c08672de%3AT%3D1701275127%3ART%3D1701275127%3AS%3DALNI_MYRefwT82DCMtO3RPyJzdVw7J6eWQ&gpic=UID%3D00000ce1a20d2835%3AT%3D1701275127%3ART%3D1701275127%3AS%3DALNI_MYxW7EapWlbyTsf5dgY-NdAUiKIVQ&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&psts=AOrYGsnI36d3gMIB7x1rTz302mF3hUwPRK8KSWRe22TWC2NLdVhX3r3PUrEZ9n4USli1a9zf1eKRvstQLh94x8MIkvxCRg%2CAOrYGsmIaQiTlBuoPzVVhr38EcIgDPFt2WMU4oc2hFJezBWPrYIjQWVgFiREpWxcDFbbxQj1e32ZCXnoi9Rj3-2M9TQc6w&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=40
Frame ID: CEEBAFA2F5CA76DD34CFF4273891F84E
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3352668564
Frame ID: 4ABE285620F30262183CE19A54B36C4B
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 175F0AEFC71BBE8E797A4D8499F6E719
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E50B7BEBD1FA04BA4CC2FA5DBC063DAA
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52
Frame ID: 3A94CB352AF44A2DFD59B578F3DB6C13
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=17253000139103704444978012523008&a=41fcb047
Frame ID: 8057D58EB0418776CF8B1C6FD5150926
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 3D20B451C7FC40DE83C56A9FF52C56CA
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 885D14A183720E2E24DE69B98A5A090C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 9DC2EDF1808EA8E2628DA7BCB0623F90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: C9253880944F2359C82A3BEFBA2F62E9
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A6D4FA54363313631B5800FA071B9852
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: AF85CD5D1C1EC1DC26C6C6304BBB808A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 589E58432088A49D85F45A70D02935F5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: 1084F05B1EE6EAC69986F2F66F4B5D77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNWms0Iwb0mJ4XbM-cHpptII3nTFBrbgY7q7A9UYt4TySSYPZbVtJpIAGmhQsscmbhXr71qauYnaC3FlrWOwjA5JeODXRz2vJcCJ4U6zuPL998bhrJ_unhQYiD7M-BfalzpUuwC1g7x0a3tDeYQOe1GFAwthXlhSjGSi2YCdB7-5c9sWLso
Frame ID: ECD6A4211817D9ED5842E7E8DBB6D063
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: F721CE39D5C74528C7C223183866E5B9
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home – Bem Blogado

Page URL History Show full URLs

http://bemblogado.com.br/ Page URL
https://bemblogado.com.br/site HTTP 301
https://bemblogado.com.br/site/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

204
Requests

76 %
HTTPS

58 %
IPv6

20
Domains

28
Subdomains

27
IPs

3
Countries

14383 kB
Transfer

18524 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.baraodeitarare.org.br/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bemblogado
Title: Icon-facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/bemblogado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bemblogado/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bemblogado
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bemblogado.com.br/ Page URL
https://bemblogado.com.br/site HTTP 301
https://bemblogado.com.br/site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdl.Gx.jARep5UQAFn35wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D

Request Chain 115

https://googleads.g.doubleclick.net/pagead/adview?ai=CQhC592VnZczzIr7F29gPntmDyQf18fqlcoDvna3UEa6o0ohREAEgzfjeI2CVgoCAoAegAfvk35gDyAEJqQK-F5vFC2qyPqgDAcgDywSqBI0CT9Ao9aO-S8MClI9AWJLietnCiaDjgmLYdgHSZW0GzYNAIweJd1t1J1hrg2JMSx5uSRWOdacuUOXGB-mg4nA4BVucIOcldT5kawxu3jP3P5U3LB-R-2KUSZnnnwPrKy9FzLwbKAkjr8vzNlWRfI4jSqfFw8pVAehahWPKcqSeOz6h-GY_0e4h3yj3gdR2aGZ2f59GPA9qGuZxVvAyIP0ElVy8ckdD-0T7GSg3ZVDh_JCDCi_9ZM7cgyBEi3DG0LkU_zBmwXLmBbe6KJTe7FpTr1uLpoCsOlL1zCzR5fJf9hG4YZ58EhIyOzrJ9U-FGMLOysVHnQTQ53bDNX3gn9hzZUjO4xsJTC9JZX8LG4_ABKztm7agBIgF0OuJ4TmSBQQIBBgBkgUECAUYBKAGLoAH7ZqgZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMu9MtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYyIiL3c_pggOaCfIBaHR0cHM6Ly93d3cuZW5wYWwuZGUvYXJ0aWtlbDIvbWVoci1hbHMtZGFzLXNvbGx0ZW4tc29sYXJhbmxhZ2VuLWluLTIwMjMtbmljaHQta29zdGVuP3V0bV9zb3VyY2U9R29vZ2xlJTIwRGlzcGxheSZ1dG1fY2FtcGFpZ249MTU1MDQ0MDU5NjgmdXRtX3Rlcm09MTQ2MTQyNTkwNjM2JnV0bV9jb250ZW50PTY3MTk0NTg2NjI5NSZ1dG1fcGxhY2VtZW50PWJlbWJsb2dhZG8uY29tLmJyJnV0bV9kZXZpY2U9YyZkZXZpY2Vtb2RlbD2ACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQK4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTgyODc2OTQwNTM5ODc2NTcYAA&sigh=Z_MpyW5dEdY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNxMtW-CVextX3qCrsFltDXDkYsVW_YLTPhn4XyMqPpExE4Wm4WAceOylIa5HuQQrUQw1gGuZppLKVv4QZT4wH2nFMtYI8JYHE5y4YAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210293718186691604409%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226596413028322674897%22}&andc=true

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdl.Gx.jARep5UQAFn35wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D

Request Chain 142

https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 146

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=17253000139103704444978012523008&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3352668564

Request Chain 150

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52

Request Chain 152

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent=

204 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
bemblogado.com.br/ 84 B
361 B 302ms
130ms Document
text/html 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://bemblogado.com.br/
Protocol: HTTP/1.1
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 90270d4ae631e96dfa955487e1ebb6f068578a2be3d19a6d9ed1c5d262e75624

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 100
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Nov 2023 16:25:24 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H2

200

Primary Request / Show response
bemblogado.com.br/site/
Redirect Chain

https://bemblogado.com.br/site
https://bemblogado.com.br/site/

179 KB
49 KB

1638ms
1637ms

Document
text/html

192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: c8b8673934dbbc424808b57c41e30231950834bdf9942259136d475f4571fdfa

Request headers

Referer: http://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 16:25:24 GMT
link: <https://bemblogado.com.br/site/wp-json/>; rel="https://api.w.org/", <https://bemblogado.com.br/site/wp-json/wp/v2/pages/89283>; rel="alternate"; type="application/json", <https://bemblogado.com.br/site/>; rel=shortlink
server: Apache
vary: Accept-Encoding
x-litespeed-tag: f75_HTTP.200

Redirect headers

content-length: 239
content-type: text/html; charset=iso-8859-1
date: Wed, 29 Nov 2023 16:25:24 GMT
location: https://bemblogado.com.br/site/
server: Apache

GET
H2 200 style.min.css
bemblogado.com.br/site/wp-includes/css/dist/block-library/ 102 KB
19 KB 550ms
547ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 14:13:56 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 frontend.css
bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/css/ 71 KB
13 KB 548ms
546ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/css/frontend.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 51deddce2061e92e3f5354e9a1cfb6c44a34779ea37509e7fcd222a9af116ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:41 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12898

GET
H2 200 style.min.css
bemblogado.com.br/site/wp-content/themes/hello-elementor/ 6 KB
2 KB 447ms
444ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/themes/hello-elementor/style.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 011426f6c5b5be4d1d609555cb477dc3f139a464526650c11e09dece069936ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:56:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2276

GET
H2 200 theme.min.css
bemblogado.com.br/site/wp-content/themes/hello-elementor/ 13 KB
3 KB 446ms
444ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/themes/hello-elementor/theme.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ab14e945bc72af34e28b188ff288f89d5fff8049ef298cdaeb189af9eaf164e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 12:56:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3351

GET
H2 200 frontend.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/css/ 153 KB
27 KB 447ms
445ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/css/frontend.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: f4fc30c4e9f080778ac2f49816e7650fb6b13f26b1decef6dcfb55209b002274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 post-89528.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 338 B
218 B 445ms
443ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89528.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 98ffa42ce3f18359719610b0ba6da67b159897622e9b8ce39cc028454ae446a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:15 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 163

GET
H2 200 elementor-icons.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 445ms
442ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4042

GET
H2 200 swiper.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 448ms
446ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3188

GET
H2 200 post-89244.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 15 KB
2 KB 444ms
442ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89244.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6f458cc595c07157e118cfc1b0f09dd34aa02eb00fcab7688ca7eef7dababe27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2415

GET
H2 200 frontend.min.css
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/css/ 448 KB
69 KB 548ms
547ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/css/frontend.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6373b977c2e74421978a4f4ec2ec6ea4259b5dcb5968b4b5cbe8df78c310e1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 post-89283.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 59 KB
10 KB 653ms
651ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89283.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 900c7bdac483b7fe96516c706e902bc1ca0c012526b42aeaf2b22927d6372060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 9793

GET
H2 200 post-89265.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 7 KB
1 KB 654ms
652ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89265.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 820c6a4627f2731479fbc2133d5047d493f71058bf20a445fac83a6a660444bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1188

GET
H2 200 post-89261.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 25 KB
4 KB 655ms
653ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89261.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: db55133a67a89d7afa8eec358261698e5f831c82cdb2107973b8fe404f5ddc7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4345

GET
H2 200 post-89590.css
bemblogado.com.br/site/wp-content/uploads/elementor/css/ 2 KB
599 B 655ms
653ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89590.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 16cb5bdf4fab9cae6686619fbf8ef1b240302bd7ee037e91ae036b35d2405a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 567

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind+Vadodara%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBarlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e173360f5af3286284d8543def13aa486b8fa8b99ca2ebcaeadc8c17593a9623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 16:25:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 16:25:26 GMT

GET
H2 200 fontawesome.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 654ms
652ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12577

GET
H2 200 solid.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
341 B 651ms
650ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 309

GET
H2 200 brands.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
340 B 651ms
650ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 308

GET
H2 200 logo-bem-blogado.png
bemblogado.com.br/site/wp-content/uploads/2021/07/ 33 KB
33 KB 653ms
652ms Image
image/png 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/07/logo-bem-blogado.png
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: bf9f2d5bcce79d7840892c9d7e662802236736b019105c61e2b8e05935852a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
last-modified: Sun, 17 Oct 2021 21:12:43 GMT
server: Apache
accept-ranges: bytes
content-length: 33890
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
52 KB 93ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8287694053987657

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb39ecdd00d2c4a7176fba403633c5caefb9c372fafc5c062f18d2f859543434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53244
x-xss-protection: 0
server: cafe
etag: 1887587394974266834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:26 GMT

GET
H2 200 midia-jornal.jpg
bemblogado.com.br/site/wp-content/uploads/2019/09/ 149 KB
149 KB 314ms
314ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2019/09/midia-jornal.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d8d739e5fc6466a6ed3dd3bba314c862822c0084d3841f8858d2da6d58ad8df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
last-modified: Mon, 23 Sep 2019 12:47:13 GMT
server: Apache
accept-ranges: bytes
content-length: 152107
content-type: image/jpeg

GET
H2 200 21-dias-de-Ativismo-pelo-Fim-da-Violencia-Contra-a-Mulher.png
bemblogado.com.br/site/wp-content/uploads/2023/11/ 290 KB
290 KB 314ms
314ms Image
image/png 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/11/21-dias-de-Ativismo-pelo-Fim-da-Violencia-Contra-a-Mulher.png
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 0b5d980405f1a539020b83c679df387b77ec1c8c609acb18694291fb8bcd8dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
last-modified: Fri, 24 Nov 2023 22:33:25 GMT
server: Apache
accept-ranges: bytes
content-length: 297085
content-type: image/png

GET
H2 200 manifestacao-protesto-stf.jpg
bemblogado.com.br/site/wp-content/uploads/2021/08/ 110 KB
110 KB 194ms
191ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/08/manifestacao-protesto-stf.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 7d6bd80dcc841bf4232f35f9a555ac9e8b6a5515569c7d1994cad95ff30956bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
last-modified: Sat, 16 Oct 2021 20:03:02 GMT
server: Apache
accept-ranges: bytes
content-length: 112131
content-type: image/jpeg

GET
H2 200 pesquisa-china-tecnologia.jpg
bemblogado.com.br/site/wp-content/uploads/2023/11/ 5 MB
5 MB 194ms
191ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/11/pesquisa-china-tecnologia.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a0a2b77c43ee77452b2bf6a2f545f8fb74a8258555bdee0d639689dab4e4e71e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
last-modified: Fri, 24 Nov 2023 22:40:34 GMT
server: Apache
accept-ranges: bytes
content-length: 5747096
content-type: image/jpeg

GET
H2 200 IMG_20230715_134732.jpg
bemblogado.com.br/site/wp-content/uploads/2023/07/ 5 MB
5 MB 888ms
887ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/07/IMG_20230715_134732.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 86cda207bb9abf4e76744b003e3348daaee8577af83ea80b2f06e98d67a2f0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Mon, 17 Jul 2023 19:20:14 GMT
server: Apache
accept-ranges: bytes
content-length: 5182140
content-type: image/jpeg

GET
H2 200 fontawesome-all.min.css
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 54 KB
12 KB 861ms
858ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: a64b01d95264e4acae6862a8769b15613750d93c6435ade24925c8a069ea5b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 19:48:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12140

GET
H2 200 fontawesome-v4-shims.css
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 26 KB
4 KB 864ms
861ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 19:48:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4414

GET
H2 200 animations.min.css
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 865ms
862ms Stylesheet
text/css 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2997

GET
H2 200 jquery.min.js Show response
bemblogado.com.br/site/wp-includes/js/jquery/ 85 KB
37 KB 863ms
860ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/jquery/jquery.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 14:33:36 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
bemblogado.com.br/site/wp-includes/js/jquery/ 13 KB
5 KB 864ms
862ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 08:49:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5422

GET
H2 200 jquery.smartmenus.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
9 KB 860ms
857ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9638

GET
H2 200 imagesloaded.min.js Show response
bemblogado.com.br/site/wp-includes/js/ 5 KB
2 KB 860ms
857ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/imagesloaded.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Sat, 13 Jun 2020 21:53:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2103

GET
H2 200 jet-plugins.js Show response
bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/lib/jet-plugins/ 6 KB
2 KB 864ms
861ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/lib/jet-plugins/jet-plugins.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d98bdd8d9c4da34ca6f4639dbccbfd3d45154788793091ef016384411c97759f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2412

GET
H2 200 frontend.js Show response
bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/js/ 55 KB
17 KB 863ms
860ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/jet-engine/assets/js/frontend.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 76b097d6e0e8909b60f072b3ce1f49fe6e274494d45ae388d573019f29ebf573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:23:41 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 17548

GET
H2 200 webpack-pro.runtime.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 861ms
859ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ff6a57fb71498826e9c37e64a6216349c3a637fc14a0ca1162ab548a453de078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2643

GET
H2 200 webpack.runtime.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 859ms
857ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 1349c213766a5f6da0fb2866ac869b3d0a931cbdae3ddcedb800c2f3e55f2ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2316

GET
H2 200 frontend-modules.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 52 KB
20 KB 861ms
859ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 55bf10a1645567d3b7ed40204525c8dc89a32c5851adecce569f5fd5ed97b88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill-inert.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/vendor/ 8 KB
3 KB 860ms
858ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 14:16:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2977

GET
H2 200 regenerator-runtime.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/vendor/ 6 KB
3 KB 861ms
860ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 18:56:38 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2726

GET
H2 200 wp-polyfill.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/vendor/ 16 KB
7 KB 864ms
862ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 17:24:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6842

GET
H2 200 hooks.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/ 5 KB
2 KB 860ms
858ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/hooks.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 17:24:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1619

GET
H2 200 i18n.min.js Show response
bemblogado.com.br/site/wp-includes/js/dist/ 9 KB
4 KB 863ms
861ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/dist/i18n.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 23:08:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3951

GET
H2 200 frontend.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 24 KB
8 KB 858ms
856ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 8b282aff34d04a851b1396e4451d1ddb3d9b00a330f4c9907d4dbc8df632104e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8611

GET
H2 200 waypoints.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 861ms
859ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3747

GET
H2 200 core.min.js Show response
bemblogado.com.br/site/wp-includes/js/jquery/ui/ 21 KB
8 KB 861ms
860ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-includes/js/jquery/ui/core.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 19:36:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8343

GET
H2 200 frontend.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 40 KB
16 KB 863ms
862ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/frontend.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 7a3a19faa84ab238ac542e09efa9a6e3575b46805b9a43343b3cb445e08b1ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:26 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 16453

GET
H2 200 elements-handlers.min.js Show response
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 35 KB
11 KB 887ms
886ms Script
application/javascript 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 4edefaae0530f8e4876f4002cef896bf8eaec505584d8060b2a427122cc12493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 19:22:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 11029

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 15:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2148
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 29 Nov 2023 17:49:38 GMT

GET
H2 200 abstract.jpg
bemblogado.com.br/site/wp-content/uploads/2021/07/ 120 KB
120 KB 881ms
880ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2021/07/abstract.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89283.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: 3f693849edf3db91546d7f6211a09e7b26af212848f7d20a2d5dd218ccf24c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/wp-content/uploads/elementor/css/post-89283.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Thu, 01 Jul 2021 20:59:30 GMT
server: Apache
accept-ranges: bytes
content-length: 123032
content-type: image/jpeg

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 43ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind+Vadodara%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBarlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:26:59 GMT
x-content-type-options: nosniff
age: 493107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 23:26:59 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 46ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:49:49 GMT
x-content-type-options: nosniff
age: 405337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 23:49:49 GMT

GET
H2 200 fa-solid-900.woff2
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
76 KB 876ms
876ms Font
font/woff2 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Mon, 07 Aug 2023 19:21:49 GMT
server: Apache
accept-ranges: bytes
content-length: 78196
content-type: font/woff2

GET
H2 200 neIQzCKvrIcn5pbuuuriV9tTSGH2uXQ-oA.woff2
fonts.gstatic.com/s/hindvadodara/v13/ 14 KB
15 KB 39ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hindvadodara/v13/neIQzCKvrIcn5pbuuuriV9tTSGH2uXQ-oA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7228a077f0c25993ee7599dd9788316135be1755cb02490dc6c880d03205676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:27:07 GMT
x-content-type-options: nosniff
age: 345499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14796
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:27:07 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:54:41 GMT
x-content-type-options: nosniff
age: 426645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 17:54:41 GMT

GET
H2 200 neIQzCKvrIcn5pbuuuriV9tTSE3xuXQ-oA.woff2
fonts.gstatic.com/s/hindvadodara/v13/ 14 KB
14 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hindvadodara/v13/neIQzCKvrIcn5pbuuuriV9tTSE3xuXQ-oA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57b9ed46db9f0404ccd138ab81ac7cb24d5a084103cfdc53b776792f1d487465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bemblogado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:23:09 GMT
x-content-type-options: nosniff
age: 381737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14672
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 06:23:09 GMT

GET
H2 200 Diretas-j%C3%A1-anhangabau.jpg
bemblogado.com.br/site/wp-content/uploads/2017/06/ 134 KB
134 KB 870ms
868ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2017/06/Diretas-j%C3%A1-anhangabau.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash: ba786e87bcd713a41f1979c5d861d9f2873d5c4682a036fc1f08c426f1cfbf57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Wed, 28 Jun 2017 20:56:32 GMT
server: Apache
accept-ranges: bytes
content-length: 136716
content-type: image/jpeg

GET
H2 200 Sergio-Vaz-poeta.jpg
bemblogado.com.br/site/wp-content/uploads/2023/11/ 208 KB
208 KB 867ms
866ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/11/Sergio-Vaz-poeta.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Wed, 29 Nov 2023 15:14:05 GMT
server: Apache
accept-ranges: bytes
content-length: 213011
content-type: image/jpeg

GET
H2 200 Lanny-Gordin.jpg
bemblogado.com.br/site/wp-content/uploads/2023/11/ 496 KB
496 KB 869ms
868ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/11/Lanny-Gordin.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Wed, 29 Nov 2023 12:35:32 GMT
server: Apache
accept-ranges: bytes
content-length: 507468
content-type: image/jpeg

GET
H2 200 familia1.png
bemblogado.com.br/site/wp-content/uploads/2023/09/ 224 KB
0 868ms
867ms Image
image/png 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/09/familia1.png
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Tue, 12 Sep 2023 16:11:58 GMT
server: Apache
accept-ranges: bytes
content-length: 491918
content-type: image/png

GET WhatsApp-Image-2023-05-19-at-13.40.09-1-1.jpeg
bemblogado.com.br/site/wp-content/uploads/2023/05/ 0
0

GET
H2 200 IMG_3939-2048x1536.jpg
bemblogado.com.br/site/wp-content/uploads/2023/04/ 0
0 867ms
867ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/04/IMG_3939-2048x1536.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Tue, 04 Apr 2023 15:46:49 GMT
server: Apache
accept-ranges: bytes
content-length: 397707
content-type: image/jpeg

GET
H2 200 IMG_3221-2-scaled.jpg
bemblogado.com.br/site/wp-content/uploads/2023/02/ 0
0 868ms
867ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/02/IMG_3221-2-scaled.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Tue, 07 Feb 2023 13:03:24 GMT
server: Apache
accept-ranges: bytes
content-length: 564545
content-type: image/jpeg

GET
H2 200 IMG_2439-2-2048x1235.jpg
bemblogado.com.br/site/wp-content/uploads/2023/01/ 0
0 868ms
868ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/01/IMG_2439-2-2048x1235.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Mon, 30 Jan 2023 15:24:03 GMT
server: Apache
accept-ranges: bytes
content-length: 233371
content-type: image/jpeg

GET
H2 200 Assucena.jpg
bemblogado.com.br/site/wp-content/uploads/2023/11/ 0
0 868ms
868ms Image
image/jpeg 192.185.215.219
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bemblogado.com.br/site/wp-content/uploads/2023/11/Assucena.jpg
Requested by: Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.219 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: vega-ip07.prodns.com.br
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
last-modified: Fri, 24 Nov 2023 22:53:35 GMT
server: Apache
accept-ranges: bytes
content-length: 101707
content-type: image/jpeg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
222 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=74170720&t=pageview&_s=1&dl=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20Bem%20Blogado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=151269413&gjid=976822126&cid=599664749.1701275127&tid=UA-47830520-8&_gid=400148422.1701275127&_r=1&_slc=1&z=100651465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4c3ca291235f8e06df80f338ead76fcdf7d1375ced7d20ab90d6d18adc788783

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bemblogado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bemblogado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 121ms
25ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YNST7LZLF9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1300ba0b8758d7bc790b67e4690c124bb46e4a8cdc3901605bb4721b1d0c42b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 16:25:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 106ms
91ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8287694053987657&plah=bemblogado.com.br&bust=31079811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8287694053987657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02a03842f4541b511de1f490dc410dd465a9d63407350ee8dae6e3c4f7726628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137284
x-xss-protection: 0
server: cafe
etag: 10481499149648634511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:27 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 3668 9 KB
4 KB 28ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8287694053987657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 09:36:58 GMT
etag: 13268084621564590274
expires: Wed, 13 Dec 2023 09:36:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YNST7LZLF9&gtm=45je3b81v9112192516&_p=1701275126973&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=599664749.1701275127&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&dt=Home%20%E2%80%93%20Bem%20Blogado&sid=1701275127&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2903
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNST7LZLF9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bemblogado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 61ms
23ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YNST7LZLF9&cid=599664749.1701275127&gtm=45je3b81v9112192516&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNST7LZLF9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bemblogado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 65ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YNST7LZLF9&cid=599664749.1701275127&gtm=45je3b81v9112192516&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=517144889

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 965D 712 KB
168 KB 1338ms
1338ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&adk=1812271804&adf=3025194257&lmt=1701275127&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127121&bpp=3&bdt=881&idt=250&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8052499195794&frm=20&pv=2&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8287694053987657&plah=bemblogado.com.br&bust=31079811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9acf5b95dd7032aab6f0f8c357a5f6a4aebdb09f868155aa706ab3ec419e9704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 171766
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:28 GMT
expires: Wed, 29 Nov 2023 16:25:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6479 91 KB
42 KB 978ms
978ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=1313107541&pi=t.ma~as.3741984719&w=728&lmt=1701275127&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127124&bpp=1&bdt=884&idt=280&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd6d67c5a1835b0cff501cb9de84f86a921dffdfa0bff967e23e7971ba10177c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:28 GMT
expires: Wed, 29 Nov 2023 16:25:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C837 120 KB
40 KB 791ms
790ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1701275127&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=284&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=286

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78c26c256682611d4ed838df5e4043ff45e85ec5f4af5e6565b3e1d598a928fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41099
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:28 GMT
expires: Wed, 29 Nov 2023 16:25:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30FE 25 KB
11 KB 681ms
680ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e96df2c7db632f63273b806f60bca3fe72b5ff122a4c84307a3899ae25669d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11431
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:28 GMT
expires: Wed, 29 Nov 2023 16:25:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET fa-solid-900.woff2
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 0
0

GET fa-brands-400.woff2
bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/ 0
0

GET dialog.min.js
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/dialog/ 0
0

GET lightbox.3489c2bc8f62c7ee72ed.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 0
0

GET share-link.min.js
bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/share-link/ 0
0

GET nav-menu.3347cc64f9b3d71f7f0c.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 0
0

GET search-form.6eb419c467197ca411a7.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 0
0

GET load-more.064e7e640e7ef9c3fc30.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 0
0

GET posts.e33113a212454e383747.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 0
0

GET text-editor.2c35aafbe5bf0e127950.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/ 0
0

GET form.72b77b99d67b130634d2.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 0
0

GET popup.483b906ddaa1af17ff14.bundle.min.js
bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/ 0
0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30FE 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJD7UYbhzb8IpMvb2hiwkq67JCaruBbWgBSFuwWV3l7rpNHFxCyZKugciviYZQjvMfM4DrRohYKWT_cdCuekbRz1N7VCtCVyBZpCmvAGfAnarKHLE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30FE 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6292479376757849229&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 30FE 89 KB
31 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 30FE 3 KB
1 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 30FE 20 KB
9 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30FE 202 KB
64 KB 125ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53B0 624 B
246 B 48ms
48ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV3fzHMZ2gxluR7w2eL2Xxd_uPkI3_KLomDQTbOe2fW1FKapYljOLpgharkASfp6yWrT7tN_zRPjlr8b7dt8wUMjQ5t75U7Nok5JNtggnz3-uTx-TXqvmGF7BKhrIZod-s8bH5X0ipm0GrveryJVw_4QZAo_nf-AkG4ae4BlEz0R0WqsGo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:28 GMT
expires: Wed, 29 Nov 2023 16:25:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 53B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1

43 B
766 B

28ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV3fzHMZ2gxluR7w2eL2Xxd_uPkI3_KLomDQTbOe2fW1FKapYljOLpgharkASfp6yWrT7tN_zRPjlr8b7dt8wUMjQ5t75U7Nok5JNtggnz3-uTx-TXqvmGF7BKhrIZod-s8bH5X0ipm0GrveryJVw_4QZAo_nf-AkG4ae4BlEz0R0WqsGo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYUA84in13GOgpiU5DF1comAPFZdC6Ne3OsJkA0EgPJgZKywg28Bj%2F6ldbkRffaCy4cTMZEGlikUQiK1OgdOg7lOGTlxoWFTCFsUewH9a5J7O66KFxm1lRk93CSvLJ2IWafxXZi6vyHpCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc34ef7e975bed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 53B0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdl.Gx.jARep5UQAFn35wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2

43 B
735 B

32ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV3fzHMZ2gxluR7w2eL2Xxd_uPkI3_KLomDQTbOe2fW1FKapYljOLpgharkASfp6yWrT7tN_zRPjlr8b7dt8wUMjQ5t75U7Nok5JNtggnz3-uTx-TXqvmGF7BKhrIZod-s8bH5X0ipm0GrveryJVw_4QZAo_nf-AkG4ae4BlEz0R0WqsGo
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4JOUAGdo6%2Fr5srJJG%2Bf2%2F3XiQsnEYOJEDvBV2Htk3ZfZag9GDUCzZFWLtforTJUm9s%2Bo18r8PBAxxwXIYNuazGM1Xa1hVmN0dWU5gIfXSquQKMszvJnocpSF11zGnkquzkZYHqN7DG3fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc34efbec95bed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 53B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1

43 B
837 B

8ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV3fzHMZ2gxluR7w2eL2Xxd_uPkI3_KLomDQTbOe2fW1FKapYljOLpgharkASfp6yWrT7tN_zRPjlr8b7dt8wUMjQ5t75U7Nok5JNtggnz3-uTx-TXqvmGF7BKhrIZod-s8bH5X0ipm0GrveryJVw_4QZAo_nf-AkG4ae4BlEz0R0WqsGo

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
an-x-request-uuid: 0a8dca36-ed21-4856-9cc2-dc5de6542350
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 53B0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D

170 B
243 B

29ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
an-x-request-uuid: 091eec9b-c3f8-4b1c-8c6a-4258017b8700
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C837 6 KB
802 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=250&slotname=2489941788&adk=4036205056&adf=3446456765&pi=t.ma~as.2489941788&w=300&lmt=1701275127&format=300x250&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=284&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=435&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 14:30:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 16:25:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C837 2 KB
902 B 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C837 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 07:50:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C837 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C837 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C837 202 KB
64 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:28 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame C837 37 KB
16 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/1011305908793822038/ Frame C837 33 KB
33 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1011305908793822038/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5544bb539302b2486fca60ac002f9b4e922453cfd8dacd5555d49247310e545c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:28:18 GMT
x-content-type-options: nosniff
age: 406630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33895
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 16:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 23:28:18 GMT

GET
DATA 200
OK truncated
/ Frame C837 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f7284308b9dfe1e508c5fb06e209d72414d41c117a18592dabb2f39ff06cbe0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30FE 0
20 B 42ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3668142271789&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30FE 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3668142271789&version=m202309260101&ct=77&x=1&cor=6292479376757849000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 30FE 20 KB
14 KB 316ms
316ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkgW44Rr7KzRAz7SjSG_Dnin2isUgToKlj1RfTd4h3RMV-E-GGtMxTMoS-dXo9uGTep1QQKPkzUtU1jYpHNeOKjzAU1ppeiB6HUSSNAvfroVRfNmY1z4SXK4bDWbQMlGxgzRxsFOkhumNH9J0wrVIp6ox7uhgeLGbHH_Tu5D12jiJYHHM&cry=1&dbm_d=AKAmf-BY5q8Ysr1cNTuKLSd766ZeE7YJsWX9xMSdF2ssaUxPqQB6u9HC3LNA3oTaTOWbd-BaF7El6W_yC7OdJMA1Vkh00SeJMONhz1tdncRvg9229ASRBZ3cbfaTBiGaxkrDOG5BkUC89BZL4ep99QvG91Lxe2a52ZILwUCw9eOpxcUflYPFKEyL0NLpHqoe01v1yR-WDy3A9qjjbESQ8F8g-DO0fI7qMQucZLEdHgRs2Qx5BOvdbK76jYHcPxuB07vN7VXXiSLPheebBgq42MWm-icSoz-28HklE1zkLJAxEIcoEqETwVYs7GOSkqIbA7B2cj3Ly1NYPOOqBe7DIHwS7Hh9XPsyvZPK5mK4weX6ZZC9v1QyCdRwBjoSz7okqtQe1h_XtUp9Rjf-k3XpemTt74oIdbrKyk4eXs3FO4NPqXXYMFTZNx5yoLPr7IbIKRlrzHD5ImjhasYVQdxgs_q21USpt1Bn7GOZ-1WikA4GMBBEHCGkMCYMl95Be9c78RRr1RNPtYgF-WQREgp8of5VPj541PBharci_zY1MYo9HOb0Y4LDVgm4KSsHbkzddlexR-QwiVsZQe__kqTM9X8YIl4zy-yeNHK5Am2h3G_jRda1B4Yi5tU7XSUjjnIPHk-Hc6agZ8ioZuBnYZimN55lakFb5gfghHK5Zst8YYAUhdGdNFZnCCu3DkPcg2BOM8Ab7oz16S4F3UvM2FmjvosdeCzkPdwKBg7IWRoDjYN3_ZUluX_dGZfXSPk2CLBd1HFlL5AczacAgbNqdEWGor-8p-ZbdKSeomxT8ffvpQaD93MgJsZC9kOBOVGYD0Rs0jl3rhL7B9BbbpVaqlkdeWEoZnsE_gqNAAHJGafLSox1HUslcktTqtZIgxIGLjCdo4FfKWi66ej2hu9Zl6sKwfEzqOCSO1cBrXZLrMNMar8PGFhl9_2lCI0TPc97lsaq3V-D16raNzUPTVPox54gBPoAyfNFR_yzei5T55IZOR71Ej3KJ2_tPyw-LKG2c4gqM3VLjrDTh5qCL2Quahhteo5ikMoSrE0_XEPxOYXaQYQAK0ua92JGtUSeAUI51fifC53jxwjCAHRnCcSJ2YTY7b81P_jFyEXG3rfheKOSzxsvCxD1ipMldKmOy4hO7A52RpbAM9BGGI0Q_1MLn5AEIBvoulMTael-KvaIaVmQSlx1hyaeD28GxY1ppYb1cpBZ0QGzEnaL0_AtuCJ2CSMJeVuZgNflOqsTQ2PPvbe00xZyZt3jPQdceKG4-uuBXDXQUTaBt5CL5gvWsWrhjmPuufjm0I8NnJbbefPyMmTIBD-arUYUXjx0BPOovx4Nvs8RomUcDKt8uqaR8kxrt3AOc8-e6dsRIvlPyQLLU6kHdSUcDo8egyBdd5fBA28cYIXAzq4pcvMnNEVmxDJrLvsRWbL4JjtbSnWizBvCO75v8jJl3zBkZruCgkXaHvuDbFa-OiewpzaN1gBkvbZDg1xy_7TG03dAlzVEZSIyZjnx0jw-nrVCxR1hKJr5INc5TRMUW9kRjym1Gr2jCoIWHwud-nFXYy8EBZFPyouL01eZYGW3Pvl9xFL1GqmrJbXbQfj8t8j37oLaMwIdDVbhhiv49iCc3_Rvw4T2gGZ4EUzNXxJ444AdgKgeKreTV99hbuDGZVgzqcceH-uX30NIOtrls7_bxvqYza-V2gAahUaKyPyOBnKL6lFB0a7gMECHGY-fHwmO_mGHdyZZ-TG2PufF6g5VQHkoX1st0ct1t_ACiIIWv11_NxAGsjpVfY1zITjg3o5jd_n9Bx4r9z8RztVLDqq-Okq0PY2j822_JJ8pf77x3V1Ek4DctUzpnNEOxneX69vVEI-LYll3UK6OcsQ69yiUSsJogwId3645JM-E9yNZqg0WxYATr7-j4vy1-A5b5zzzLouoRQoEBqgHkSiywpQTmss2Syrk9QNtOSkTfy7XCUt66P5f4fQ4p1n5InGTIhXMeNR31ZY3SsiWLm4pNxgQiMH3aBgrNrB6xa22d9a5qPD1r8DXEvnw223BwVHBBP8WmqD-sBMQk7fSjubDp9zO9YCKyu9ku1HPr925VvgGnXZFa4-f4Xt885GYI7-PRVBgm6vpXvnprPDkpi4xzf4n6XjavkgcnzyaQuT8wl-WuDvIth9DXUYABIfFwY5uF_3dK2SrnTQMNbFBn1hXN3NAdfFXYWQTWJmklirpJlukrh2-x1xa8ciMIhUmW2ZIDiC3s07kqeRkgRBTnMdgvSsyv8qOb_WyzbchVCJna7_NqVjxSCfkNYoxjh6R9wGnPBTimSGmL126vBQ0iS9NN2lVeNqGtFvPGBTZGcJy3W3mtyC-xwaqukKpd2CUH_yOVeVMYjz6Zl5_82lO9ytMuwsTvNh5QmGN2YoUItU3oJcHzuejg6xChu33oySMUtImy-61BP04poiZThb4zdDAPL7SMgkXwnynWtOnB913To5ZYWBy-2AZWHfjJvyn_d0erwO5gnqN1U6n5M2aXbGSl3IeCjAP2Fzo7OvGQ0KDFmCGyt1rE6iGaYlzKEy_MeOInRMwnP2BpHtBIVymMny92RFQV_PhAOJz93IdPN05TSOMLi37nrR8CPvl2jqY0X3DmNjlYtNbIh0CI2XDHb6IXp84E0puyGeTtqY-fU7NkLDODFgJXXFGK_r7zQi53X6Z8pgR3WNP-6KeHsdhRDUm_AfPCO0k7G_qyrkkqPMEwoR1XAewBYXqjRX6g8xtNChSv2JTslefkiNOhQYoFTHZuRKrGWGjRjoaVln2p2l0aHylno1VBC4X1o8ohBPQuz6Um33sRd2UeD8AMesFA0v1__Pj87qurx79cC2j-sy-xTWv9J0nKfqyeETPHC2dlPpzahEruhfTDOzXnIyWKIbRV_FPFyqCnB9AyAJJESvzwqIBI0O60ZYaFztqC2IN2rk8xk1wO74UVCfCJ0GF6lO3vOYZ8UhwRNeuZcjSsCTqGuh6E-btrmK6qwgO2ufDuaJA96rWQBuo5W5jjPrPBHE3tIYyfs8doKu8O5Z1aAuGcLS_T1fwxB2GzCSvNvpL1O_UTQ0yeZ9aQKVZd0SKvdCpH6A6WAzSwDkq07g1G4CNPCvsHGW-b-fL3-pGGAR5NcWSdQIVG2BocpecDeGDpTD_hraSpYJrGKe0zBHYRgz5Z9W0I4EcRgCZgxF_TG6O4M09DprD6PVB8_BU9uUQD0921DToPGzbPXo9KGOFiT6swjXioMMq-fbtVEKAFu5dQYmKo4BZ9yzq1xp_U2eDF7oBq3cE0M7Awu_cLGkcYRPGVlT3H2uEDEsH1YdOKoDwb-ci9Lfi3Yh3uMUeVCf7oxldOfkfks3CMoKfejqLUTSFQcBynjvufuXkis816VeuE9eejrDOG2V8wNkmMPpcoKeMxlfzsrR4nke_yIMXo-8uaaj9Z5K83B340s1h628C63yJ3D457DLaRmmikcODp9VUlOdQ9dUXQpv2shWYiH154UdQv1Vnv3EUM8epo102N1A8NgzFRLSMiPe-9cL2EAV9_4mV05AO5zPVvvR2HF7Rylx1YU4EaXGrEM4xo7vkEjvY5lr8aKbJZEJUOexf_OTzuDeIsUKSTYkDkXB8HGgPW-VTXfxXx6Ds-jPSgqbWQPsl0IqGtWz7rfkksp73w4AY_X3xZpDwL33aeSKFUI2i5gR_pFq6bYwVklU9Xj7NP_5O716VbzlVDQt1kXBMx_bGNTI1sFPlY9lYYzEnZQEevJ-wwexb11v4tx6emCW5zGhpf4cqCrMfnCJQXrZahbgq-8oqfTqSUvpmjmuQq-jW6ScGpryo9D7gIiUY56GuiaeGmhS5Q-8G7Cvos7-vIHaBSZuoN89v2zfzEwGNU1DtmIEYwJfDJVGA0GTQlICDJ_LZblAPs7V9Oac66oDWY5BbI2b0L3v4DZHXOeppJOLHSuC_cL0uGf9ytyI2rWqGKVLy2reTFO5u3WcPVBtEUlp1NR0mr2X3V7MWrwCjEdp_VhFqS-4bSCxG3oOhn7-ci7rGSX3lpzZI27U2&cid=CAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbemblogado.com.br%2F&ds=l&xdt=1&iif=1&cor=6292479376757849000&adk=1964084972&idt=138&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5af2e1773fa2b2e87b1bad9a4ff98227046010e072803835495e20d970a325df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13856
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C837 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f4e82858259c22133c1555324b736bf03e6f827ac8add4791edc86542a2276c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C837 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 355699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C837 15 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 431167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C837 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 435753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 15:22:55 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C837
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQhC592VnZczzIr7F29gPntmDyQf18fqlcoDvna3UEa6o0ohREAEgzfjeI2CVgoCAoAegAfvk35gDyAEJqQK-F5vFC2qyPqgDAcgDywSqBI0CT9Ao9aO-S8MClI9AWJLietnCiaDjgmLYdgH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210293718186691604409%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%222...

0
0

64ms
42ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210293718186691604409%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226596413028322674897%22}&andc=true

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10293718186691604409","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["11-29"],"6":["true"]},"priority":"500","source_event_id":"6596413028322674897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Nov 2023 16:25:28 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10293718186691604409","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["11-29"],"6":["true"]},"priority":"500","source_event_id":"6596413028322674897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CC4 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6479 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AK7B5xJUfIMnKv1phhoeSrZRqlTMs26AOUFKvE_dJc9R0vyh0RQoWH8W4P0v_KEHI16VBgXdEHHqKH98pxj8MAB58VEeVMPj8o3BAz0NIEltBWohc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=1313107541&pi=t.ma~as.3741984719&w=728&lmt=1701275127&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127124&bpp=1&bdt=884&idt=280&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6479 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 12:41:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6479 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6479 202 KB
64 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ED05 624 B
245 B 48ms
47ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRC8jn4Y2LjO_gEwAQ&v=APEucNXKAwWLN68k75OlbW-AuNjP1mOi4Rtb1IXsdPPyb877bPd7zTMiYP6oCTzR8_BEdNG9VJdjseDqM6zwNJ4Yg4SGKRXzEAestpN-RHbJxq63lM7U0h50Gu9PR7TBDVw6IXjxZn-Yq9-QypS78Z3xNMvoGN3ixAkbW0NCBYp3yT8GQEGBiMg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=90&slotname=3741984719&adk=2899895673&adf=1313107541&pi=t.ma~as.3741984719&w=728&lmt=1701275127&format=728x90&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127124&bpp=1&bdt=884&idt=280&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=464&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:28 GMT
expires: Wed, 29 Nov 2023 16:25:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6479 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 07:40:28 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 6479 7 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 07:40:28 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6479 0
0 97ms
55ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdprjvzHHlrl2wSe8W47EpK9YsV_ORSdW_RZhwZFWYyouPcfZ2gRbnHgZHSPyoy4Yt7T463t-584on_PmlTXAxJfgA24cA9A5Uh2fAGH0VCl-RN3hYcFm5EeR6tePOtLEDhyT5dnv79AmMf5uzL56LpsKINk6I-yfqQZDYDS1qGGJ-AhaFC2gxNC7YYD2yhhRPP7n_JimxuxQtlCp_Za3J3Q0lsi8B2z8JHfQ3awHHpqRBSBaQMm_AXTMMUylyfLwrKs-c-AMTrsKfwPlGuBbD-ViCJ1krtxPreYtqKUN4IEG5krTimyT-9NC43Q-HIwOMKpA79XRYySzMvQDC9JaBe13n1rVF7v6QZb7qENQ7zjmrNMJB02HAgglgUjLoxZEzOrUs6LNw6A8Ui8a5YXbCbK2VcNXSAwGgGIRuGZnv0SBYXGyE_TyTouTF9ckEd9AZA5CL-B3k3aSQsJIcTMjhbZrE4vt-k5bdrgc4fpdaSZNrJkYV5Hm_tT57VvuL3MxHnc_AFLbzgjR6EXCITRU8TSS6DA_1hM27uCyNQZS2VeGFjFFZQwUFwqxZM9pEfHin4sLXumfebe-__tILLmC-dIxJsu5dl0U6eNhwECI9BgBpTMykeG3p9K-Dqn-2wm4hc_JjaXPVQkBnWCMJB2p6bqe4R2X0hAwn9D7aEI8_I97CcaSVc1vqXD17UBZHIZ7cUccA_eDwJGl8qiASJcMJxmEs47EVhow2TTeWHJa6RVCZ-p9fWh8EbSGjwd_5nHlRQ2cngY3VYY0324npZ7r0RQX86ij9wUPXWSkDJI-Y2eyzhPi6e-Z9RvRUL_Xe3xeZIlXN64JWphVPaMA7Sd4CjHAsM-tiCEy_AoVfPyLMDUKMDlBJ0F_tJ-Qz-PYHGvxFhILQ3KdmMiNcgiVfrZlcWsVu57YFl2CXGi3eRSnDI4NBgwhHTGg2-buUN0y0iTCbHg5CEtdVz7ZfMlIi1-rNRxcJBGc8bjqIyPppKMuZgrSZCneq5alwKnAcooB52JsHKiJkacIktOsLNNkGz75aZqkNNzb4-ZOAiP_pegXlhn7gOl8h832ItSQVagMM2iX8FRdcwTvQ3c2wpTMLclCBvA3JCoLwOK6O6xCAJLLABHn9i345RFi6_EvFQLuwg66fvWusKgJ5DC0vz3KuB5cIy0WbK3sHQCObPXmeZK18kobdNxWLZ8XCjzbUUyVelpH7j-wXEgs3qxAQHzr9EuVFmgcEkOOiq8_s9xy1nvth-0gYP-vktLIMPHXbaxhmlZh6Jkgr7vLrKC8W3pWVc683HF8Nil4734EF1cRuLja4DUEK6lvNvrhObOgmsMsCAmPPQEVYByVJ6F3Z94K7IkfhsOrCoiINv-um4swMcu8sQSC8Nu-AHtTlcDyhqA1uAVMnNECegJ3MEV3qtkmTLrbaIPvaVdxc0c_2PNZvPAp2aPS4gV5vllqeWsnmAXtZOSbx&sai=AMfl-YSLnozEtrOSa9uCV6A1TXCyud7UhaF48g6FNzNlRwASuOaU67lGAZQtt5yQnypPMO5oBm3_ouvxwxGgMif9q_UEFdITzCJtxFNfgo1U71nagFHlmwOcth2OyesZiCpOlD9g8s-984nMBnr87jeUo4WowjzAQUmEzvd0jU24qhT866XtLND4bevnQuqz3KPDl0MWd2WjCbVtOjXi8L6RIs0LONcUEjxCyh7KQzB3KNqwKWT-PpCXpQbeqKkTF_sI8J2rmJlD0rbYphgzhAsSghWxxFI1FurtXIit618d30F1OE8gyUBQjDB8j187TcwiywVqUBSM61w6smaPJgQqoA535ShEnqEtEmleoY6BnsX7Tf9eDXGDGk1dQEAOxsYsVUJQE0N12j32vrdjMS9zYUiSi9aqawO6WvpQqBWqh4nUY2ptPkSiG7bKHwfXoHkrrMzQsbOCRexMGBzi_6J79R3Yl4xYVnJNq-_Mz3kgsYxJdLQFv5hhkTc1Guzpqx1PvEfL&sig=Cg0ArKJSzIZHL8bxs1fQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lcHNvbi5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.54075&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6479 41 KB
14 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:05:08 GMT

GET
H2 200 12285148622759515957
s0.2mdn.net/simgad/ Frame 6479 77 KB
78 KB 35ms
8ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12285148622759515957

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfeffa531f3ccab4296efcc4db5f7dfd9565b7ee92e53e02094c4bd786307cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:37:34 GMT
x-content-type-options: nosniff
age: 172074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79113
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 13:33:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 16:37:34 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C35 38 KB
13 KB 8ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 306408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 84ms
42ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 16:25:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6479 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95abd2d3390063ea73ec57a143a768b876a44aed3bf4af1c452d97be6750f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ED05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1

43 B
732 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRC8jn4Y2LjO_gEwAQ&v=APEucNXKAwWLN68k75OlbW-AuNjP1mOi4Rtb1IXsdPPyb877bPd7zTMiYP6oCTzR8_BEdNG9VJdjseDqM6zwNJ4Yg4SGKRXzEAestpN-RHbJxq63lM7U0h50Gu9PR7TBDVw6IXjxZn-Yq9-QypS78Z3xNMvoGN3ixAkbW0NCBYp3yT8GQEGBiMg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFMuv3Wb2y9cS4gly4HCG2mlNU%2F8NlQVwiymHJDEWYzVzA%2BhtP40rfbHRo35dAyvCu979CctBBAT2x6slRzktzTQaHcafuo0PJrvMBAFF4GOSSVocmzq7Ee0eEHzYKRsAmigVCQbO%2B3bNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc34f0f8285bed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ED05
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWdl.Gx.jARep5UQAFn35wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2

43 B
731 B

31ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRC8jn4Y2LjO_gEwAQ&v=APEucNXKAwWLN68k75OlbW-AuNjP1mOi4Rtb1IXsdPPyb877bPd7zTMiYP6oCTzR8_BEdNG9VJdjseDqM6zwNJ4Yg4SGKRXzEAestpN-RHbJxq63lM7U0h50Gu9PR7TBDVw6IXjxZn-Yq9-QypS78Z3xNMvoGN3ixAkbW0NCBYp3yT8GQEGBiMg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ipf7GQiBI%2BjbTCx3vJMm5jOpRxOHUqEcGusZ9KIy82psvcQcHemxl3Oqklx0BrLoH0HVaAF2Aob1Xk8Xqiy1V0VrNEviu%2FNdxpnBoy8lgZx1fht3yuGvcrWan%2B0StcsZudstyNdcN27PNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82dc34f128595bed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8034vgZfpIsMr8lNhkFMw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame ED05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1

43 B
836 B

8ms
8ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRC8jn4Y2LjO_gEwAQ&v=APEucNXKAwWLN68k75OlbW-AuNjP1mOi4Rtb1IXsdPPyb877bPd7zTMiYP6oCTzR8_BEdNG9VJdjseDqM6zwNJ4Yg4SGKRXzEAestpN-RHbJxq63lM7U0h50Gu9PR7TBDVw6IXjxZn-Yq9-QypS78Z3xNMvoGN3ixAkbW0NCBYp3yT8GQEGBiMg

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
an-x-request-uuid: 15ce1ac4-e1fa-4579-a0c2-cd6d76b1da55
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEG1VPaseYlHqrgo_bBfhAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED05
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
an-x-request-uuid: 23b28a0c-e8ed-486d-989b-463448bbf765
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4NzU1OTczNDg0MzAxMTEzMw%3D%3D
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6479 0
0 48ms
48ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdprjvzHHlrl2wSe8W47EpK9YsV_ORSdW_RZhwZFWYyouPcfZ2gRbnHgZHSPyoy4Yt7T463t-584on_PmlTXAxJfgA24cA9A5Uh2fAGH0VCl-RN3hYcFm5EeR6tePOtLEDhyT5dnv79AmMf5uzL56LpsKINk6I-yfqQZDYDS1qGGJ-AhaFC2gxNC7YYD2yhhRPP7n_JimxuxQtlCp_Za3J3Q0lsi8B2z8JHfQ3awHHpqRBSBaQMm_AXTMMUylyfLwrKs-c-AMTrsKfwPlGuBbD-ViCJ1krtxPreYtqKUN4IEG5krTimyT-9NC43Q-HIwOMKpA79XRYySzMvQDC9JaBe13n1rVF7v6QZb7qENQ7zjmrNMJB02HAgglgUjLoxZEzOrUs6LNw6A8Ui8a5YXbCbK2VcNXSAwGgGIRuGZnv0SBYXGyE_TyTouTF9ckEd9AZA5CL-B3k3aSQsJIcTMjhbZrE4vt-k5bdrgc4fpdaSZNrJkYV5Hm_tT57VvuL3MxHnc_AFLbzgjR6EXCITRU8TSS6DA_1hM27uCyNQZS2VeGFjFFZQwUFwqxZM9pEfHin4sLXumfebe-__tILLmC-dIxJsu5dl0U6eNhwECI9BgBpTMykeG3p9K-Dqn-2wm4hc_JjaXPVQkBnWCMJB2p6bqe4R2X0hAwn9D7aEI8_I97CcaSVc1vqXD17UBZHIZ7cUccA_eDwJGl8qiASJcMJxmEs47EVhow2TTeWHJa6RVCZ-p9fWh8EbSGjwd_5nHlRQ2cngY3VYY0324npZ7r0RQX86ij9wUPXWSkDJI-Y2eyzhPi6e-Z9RvRUL_Xe3xeZIlXN64JWphVPaMA7Sd4CjHAsM-tiCEy_AoVfPyLMDUKMDlBJ0F_tJ-Qz-PYHGvxFhILQ3KdmMiNcgiVfrZlcWsVu57YFl2CXGi3eRSnDI4NBgwhHTGg2-buUN0y0iTCbHg5CEtdVz7ZfMlIi1-rNRxcJBGc8bjqIyPppKMuZgrSZCneq5alwKnAcooB52JsHKiJkacIktOsLNNkGz75aZqkNNzb4-ZOAiP_pegXlhn7gOl8h832ItSQVagMM2iX8FRdcwTvQ3c2wpTMLclCBvA3JCoLwOK6O6xCAJLLABHn9i345RFi6_EvFQLuwg66fvWusKgJ5DC0vz3KuB5cIy0WbK3sHQCObPXmeZK18kobdNxWLZ8XCjzbUUyVelpH7j-wXEgs3qxAQHzr9EuVFmgcEkOOiq8_s9xy1nvth-0gYP-vktLIMPHXbaxhmlZh6Jkgr7vLrKC8W3pWVc683HF8Nil4734EF1cRuLja4DUEK6lvNvrhObOgmsMsCAmPPQEVYByVJ6F3Z94K7IkfhsOrCoiINv-um4swMcu8sQSC8Nu-AHtTlcDyhqA1uAVMnNECegJ3MEV3qtkmTLrbaIPvaVdxc0c_2PNZvPAp2aPS4gV5vllqeWsnmAXtZOSbx&sai=AMfl-YSLnozEtrOSa9uCV6A1TXCyud7UhaF48g6FNzNlRwASuOaU67lGAZQtt5yQnypPMO5oBm3_ouvxwxGgMif9q_UEFdITzCJtxFNfgo1U71nagFHlmwOcth2OyesZiCpOlD9g8s-984nMBnr87jeUo4WowjzAQUmEzvd0jU24qhT866XtLND4bevnQuqz3KPDl0MWd2WjCbVtOjXi8L6RIs0LONcUEjxCyh7KQzB3KNqwKWT-PpCXpQbeqKkTF_sI8J2rmJlD0rbYphgzhAsSghWxxFI1FurtXIit618d30F1OE8gyUBQjDB8j187TcwiywVqUBSM61w6smaPJgQqoA535ShEnqEtEmleoY6BnsX7Tf9eDXGDGk1dQEAOxsYsVUJQE0N12j32vrdjMS9zYUiSi9aqawO6WvpQqBWqh4nUY2ptPkSiG7bKHwfXoHkrrMzQsbOCRexMGBzi_6J79R3Yl4xYVnJNq-_Mz3kgsYxJdLQFv5hhkTc1Guzpqx1PvEfL&sig=Cg0ArKJSzIZHL8bxs1fQEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lcHNvbi5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=54&vt=11&dtpt=53&dett=2&cstd=0&cisv=r20231109.54075&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C35 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 16:19:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C35 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BehGu92VnZYbTItDQ29gP36CHsAwAAAAAOAHgBAI&bg=!EhGlEV7NAAZxrfrxUa07ADQBe5WfOD20XGdycToc7b55DdRpydLjfWOjnVVl3qzC-i76dMxvG7Z6EwKHnieh28egSbiLAgAAAD1SAAAAAmgBBwoAAlk-mQL4WP4tyRFameqHfn2BeOxqcohyBRKJ0EExW9MoCizMJA8In6kvS1Nyiza9xXoGOe125rNnPWqrpg-u1KuwCxW_qchOgLAybLVkauzylOAo4IqHjrKiPTFd-Igg_aO94VDaYtjS1dU3MYjZlJFmHHd3H1XbZmRrlxYvoprtE9VN29zpapSBzYKMyaTsIpu_yXQsWB95CIXYD6RrgsnkBXuOVJNFmzVTsvdEFfIRKSWdbS8wID8C4xOO1yO7lSPhzPBTZn6aIm49KDr3tWHtOtoysuu8_ruNN5Iy_AC18aqw5YwxjYLfOvOf4vPNbkv62U5LFEeEq0CG5pUD5C1z8KhmavpEbMLMMLmgYPtuQ4yJuUWHeJXoAcj1EnKo01HpXX02kNv0V_gSxF10GQ48vSFdDoRwS7fb0bEdT5-Q6X7_a1rEsXkdTsWYtM3j_gKHfDrYzzgcDM_iCY1xLQM-sgSrk5_SRO-bmb2MGXwxBHnRY19Sb13zDDQZuBEtyEfkEqz9f1rNiDD6prHoTb689qyrK_K0ApQjFMLYPwvpHYggunqHMQ4c4sUJ6KEPpFEjqTP6WjDQXzz95Yu1AVowyNPl1vZXNl7wzIvZ485n3Bj2vcJDNCadHcW2DzoQ3z6shP6RsDaCzgaHpQb93PVsxr_NWey5xSiv8z3nfz124e5iXq8VBIvfqYgWYMz49100qaE-3iYi7IrSCn4O0Am6MBasgtoHkAc8CE5_6Hqy-ka1B2Kf2wGc67jRQxFybSIckWuhHz8DzaJh5XGmSw37gmTAF5zz_ePvO1zKYs06DVenw0BHc9i4Qm3thcn0oqeP8YzK7Xq-g0nN_2sE2mnb3B08nqU3FXu-Wr9-Mlsz7K8TOQ9u7HRe1cU77LSPp5G5Q_2JiAUQdXaZzBQpREG-9BtGfOme_DjxyoEgGJU-T42_gWYE32ubZuQ1Rl4Bs2xGy-D-0DdRL8tee6BnUXrXqwvzTVgq5xaIlCeqVxTOW_t13pECl5SxYMy_Xg

Requested by

Host: bemblogado.com.br
URL: https://bemblogado.com.br/site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 30FE 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkgW44Rr7KzRAz7SjSG_Dnin2isUgToKlj1RfTd4h3RMV-E-GGtMxTMoS-dXo9uGTep1QQKPkzUtU1jYpHNeOKjzAU1ppeiB6HUSSNAvfroVRfNmY1z4SXK4bDWbQMlGxgzRxsFOkhumNH9J0wrVIp6ox7uhgeLGbHH_Tu5D12jiJYHHM&cry=1&dbm_d=AKAmf-BY5q8Ysr1cNTuKLSd766ZeE7YJsWX9xMSdF2ssaUxPqQB6u9HC3LNA3oTaTOWbd-BaF7El6W_yC7OdJMA1Vkh00SeJMONhz1tdncRvg9229ASRBZ3cbfaTBiGaxkrDOG5BkUC89BZL4ep99QvG91Lxe2a52ZILwUCw9eOpxcUflYPFKEyL0NLpHqoe01v1yR-WDy3A9qjjbESQ8F8g-DO0fI7qMQucZLEdHgRs2Qx5BOvdbK76jYHcPxuB07vN7VXXiSLPheebBgq42MWm-icSoz-28HklE1zkLJAxEIcoEqETwVYs7GOSkqIbA7B2cj3Ly1NYPOOqBe7DIHwS7Hh9XPsyvZPK5mK4weX6ZZC9v1QyCdRwBjoSz7okqtQe1h_XtUp9Rjf-k3XpemTt74oIdbrKyk4eXs3FO4NPqXXYMFTZNx5yoLPr7IbIKRlrzHD5ImjhasYVQdxgs_q21USpt1Bn7GOZ-1WikA4GMBBEHCGkMCYMl95Be9c78RRr1RNPtYgF-WQREgp8of5VPj541PBharci_zY1MYo9HOb0Y4LDVgm4KSsHbkzddlexR-QwiVsZQe__kqTM9X8YIl4zy-yeNHK5Am2h3G_jRda1B4Yi5tU7XSUjjnIPHk-Hc6agZ8ioZuBnYZimN55lakFb5gfghHK5Zst8YYAUhdGdNFZnCCu3DkPcg2BOM8Ab7oz16S4F3UvM2FmjvosdeCzkPdwKBg7IWRoDjYN3_ZUluX_dGZfXSPk2CLBd1HFlL5AczacAgbNqdEWGor-8p-ZbdKSeomxT8ffvpQaD93MgJsZC9kOBOVGYD0Rs0jl3rhL7B9BbbpVaqlkdeWEoZnsE_gqNAAHJGafLSox1HUslcktTqtZIgxIGLjCdo4FfKWi66ej2hu9Zl6sKwfEzqOCSO1cBrXZLrMNMar8PGFhl9_2lCI0TPc97lsaq3V-D16raNzUPTVPox54gBPoAyfNFR_yzei5T55IZOR71Ej3KJ2_tPyw-LKG2c4gqM3VLjrDTh5qCL2Quahhteo5ikMoSrE0_XEPxOYXaQYQAK0ua92JGtUSeAUI51fifC53jxwjCAHRnCcSJ2YTY7b81P_jFyEXG3rfheKOSzxsvCxD1ipMldKmOy4hO7A52RpbAM9BGGI0Q_1MLn5AEIBvoulMTael-KvaIaVmQSlx1hyaeD28GxY1ppYb1cpBZ0QGzEnaL0_AtuCJ2CSMJeVuZgNflOqsTQ2PPvbe00xZyZt3jPQdceKG4-uuBXDXQUTaBt5CL5gvWsWrhjmPuufjm0I8NnJbbefPyMmTIBD-arUYUXjx0BPOovx4Nvs8RomUcDKt8uqaR8kxrt3AOc8-e6dsRIvlPyQLLU6kHdSUcDo8egyBdd5fBA28cYIXAzq4pcvMnNEVmxDJrLvsRWbL4JjtbSnWizBvCO75v8jJl3zBkZruCgkXaHvuDbFa-OiewpzaN1gBkvbZDg1xy_7TG03dAlzVEZSIyZjnx0jw-nrVCxR1hKJr5INc5TRMUW9kRjym1Gr2jCoIWHwud-nFXYy8EBZFPyouL01eZYGW3Pvl9xFL1GqmrJbXbQfj8t8j37oLaMwIdDVbhhiv49iCc3_Rvw4T2gGZ4EUzNXxJ444AdgKgeKreTV99hbuDGZVgzqcceH-uX30NIOtrls7_bxvqYza-V2gAahUaKyPyOBnKL6lFB0a7gMECHGY-fHwmO_mGHdyZZ-TG2PufF6g5VQHkoX1st0ct1t_ACiIIWv11_NxAGsjpVfY1zITjg3o5jd_n9Bx4r9z8RztVLDqq-Okq0PY2j822_JJ8pf77x3V1Ek4DctUzpnNEOxneX69vVEI-LYll3UK6OcsQ69yiUSsJogwId3645JM-E9yNZqg0WxYATr7-j4vy1-A5b5zzzLouoRQoEBqgHkSiywpQTmss2Syrk9QNtOSkTfy7XCUt66P5f4fQ4p1n5InGTIhXMeNR31ZY3SsiWLm4pNxgQiMH3aBgrNrB6xa22d9a5qPD1r8DXEvnw223BwVHBBP8WmqD-sBMQk7fSjubDp9zO9YCKyu9ku1HPr925VvgGnXZFa4-f4Xt885GYI7-PRVBgm6vpXvnprPDkpi4xzf4n6XjavkgcnzyaQuT8wl-WuDvIth9DXUYABIfFwY5uF_3dK2SrnTQMNbFBn1hXN3NAdfFXYWQTWJmklirpJlukrh2-x1xa8ciMIhUmW2ZIDiC3s07kqeRkgRBTnMdgvSsyv8qOb_WyzbchVCJna7_NqVjxSCfkNYoxjh6R9wGnPBTimSGmL126vBQ0iS9NN2lVeNqGtFvPGBTZGcJy3W3mtyC-xwaqukKpd2CUH_yOVeVMYjz6Zl5_82lO9ytMuwsTvNh5QmGN2YoUItU3oJcHzuejg6xChu33oySMUtImy-61BP04poiZThb4zdDAPL7SMgkXwnynWtOnB913To5ZYWBy-2AZWHfjJvyn_d0erwO5gnqN1U6n5M2aXbGSl3IeCjAP2Fzo7OvGQ0KDFmCGyt1rE6iGaYlzKEy_MeOInRMwnP2BpHtBIVymMny92RFQV_PhAOJz93IdPN05TSOMLi37nrR8CPvl2jqY0X3DmNjlYtNbIh0CI2XDHb6IXp84E0puyGeTtqY-fU7NkLDODFgJXXFGK_r7zQi53X6Z8pgR3WNP-6KeHsdhRDUm_AfPCO0k7G_qyrkkqPMEwoR1XAewBYXqjRX6g8xtNChSv2JTslefkiNOhQYoFTHZuRKrGWGjRjoaVln2p2l0aHylno1VBC4X1o8ohBPQuz6Um33sRd2UeD8AMesFA0v1__Pj87qurx79cC2j-sy-xTWv9J0nKfqyeETPHC2dlPpzahEruhfTDOzXnIyWKIbRV_FPFyqCnB9AyAJJESvzwqIBI0O60ZYaFztqC2IN2rk8xk1wO74UVCfCJ0GF6lO3vOYZ8UhwRNeuZcjSsCTqGuh6E-btrmK6qwgO2ufDuaJA96rWQBuo5W5jjPrPBHE3tIYyfs8doKu8O5Z1aAuGcLS_T1fwxB2GzCSvNvpL1O_UTQ0yeZ9aQKVZd0SKvdCpH6A6WAzSwDkq07g1G4CNPCvsHGW-b-fL3-pGGAR5NcWSdQIVG2BocpecDeGDpTD_hraSpYJrGKe0zBHYRgz5Z9W0I4EcRgCZgxF_TG6O4M09DprD6PVB8_BU9uUQD0921DToPGzbPXo9KGOFiT6swjXioMMq-fbtVEKAFu5dQYmKo4BZ9yzq1xp_U2eDF7oBq3cE0M7Awu_cLGkcYRPGVlT3H2uEDEsH1YdOKoDwb-ci9Lfi3Yh3uMUeVCf7oxldOfkfks3CMoKfejqLUTSFQcBynjvufuXkis816VeuE9eejrDOG2V8wNkmMPpcoKeMxlfzsrR4nke_yIMXo-8uaaj9Z5K83B340s1h628C63yJ3D457DLaRmmikcODp9VUlOdQ9dUXQpv2shWYiH154UdQv1Vnv3EUM8epo102N1A8NgzFRLSMiPe-9cL2EAV9_4mV05AO5zPVvvR2HF7Rylx1YU4EaXGrEM4xo7vkEjvY5lr8aKbJZEJUOexf_OTzuDeIsUKSTYkDkXB8HGgPW-VTXfxXx6Ds-jPSgqbWQPsl0IqGtWz7rfkksp73w4AY_X3xZpDwL33aeSKFUI2i5gR_pFq6bYwVklU9Xj7NP_5O716VbzlVDQt1kXBMx_bGNTI1sFPlY9lYYzEnZQEevJ-wwexb11v4tx6emCW5zGhpf4cqCrMfnCJQXrZahbgq-8oqfTqSUvpmjmuQq-jW6ScGpryo9D7gIiUY56GuiaeGmhS5Q-8G7Cvos7-vIHaBSZuoN89v2zfzEwGNU1DtmIEYwJfDJVGA0GTQlICDJ_LZblAPs7V9Oac66oDWY5BbI2b0L3v4DZHXOeppJOLHSuC_cL0uGf9ytyI2rWqGKVLy2reTFO5u3WcPVBtEUlp1NR0mr2X3V7MWrwCjEdp_VhFqS-4bSCxG3oOhn7-ci7rGSX3lpzZI27U2&cid=CAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbemblogado.com.br%2F&ds=l&xdt=1&iif=1&cor=6292479376757849000&adk=1964084972&idt=138&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 426020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTI3NTEyODI5MzQzNwogIHNlcnZlcl9pcDogMTI2MDYxNTcxCiAgcHJvY2Vzc19pZDogMzQ3MzQxMjk2Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 30FE 0
589 B 46ms
46ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTI3NTEyODI5MzQzNwogIHNlcnZlcl9pcDogMTI2MDYxNTcxCiAgcHJvY2Vzc19pZDogMzQ3MzQxMjk2Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNTE4NDgwOTU3MTc3NDk2NTEyOQpkZWJ1Z19rZXk6IDEyMDgwMjY1Nzg2MDUyNzY1NjMzCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTYwNDE2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY5ODYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xdcef201938bdf00c0000000000000000","13":"0x944de669759348fb0000000000000000","14":"0x78c55fa5da1cfd1f0000000000000000","15":"0xba30a4998eff6d8d0000000000000000"},"debug_key":"12080265786052765633","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"15184809571774965129"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame 30FE 12 KB
4 KB 50ms
8ms Script
text/html 138.201.84.244

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1701275127573222&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ffa8a67eea854ec21c3b1094cbe396c169057959f254cb30ee0b9fc54d18e842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 16:25:28 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4236
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F8AA 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 306408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F8AA 39 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 16:19:51 GMT

GET
H/1.1

200
OK

request.php
hal90008.redintelligence.net/ Frame 30FE
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

92ms
79ms

Script
application/x-javascript

138.201.63.150

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=600&slotname=7167553397&adk=514359781&adf=2883579220&pi=t.ma~as.7167553397&w=300&lmt=1701275127&format=300x600&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275127125&bpp=1&bdt=885&idt=288&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=290
Protocol: HTTP/1.1
Server: 138.201.63.150 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 16:25:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 17253000139103704444978012523008
Connection: close
Content-Length: 1323
Expires: Wed, 29 Nov 2023 16:25:28 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 29 Nov 2023 16:25:28 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 29 Nov 2023 16:25:28 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8AA 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bhm5g-GVnZb30EYOYjuwP4qag-AwAAAAAOAHgBAI&bg=!rq2lreLNAAZxrfrxUa07ADQBe5WfOHGy8qnI41lE8pxaQrmY8RkCODNndrS2AWbsAJr--TBHTE2zwex-Xq6jxWkA9KMwAgAAACdSAAAAAWgBBwoAQnk2OE5s13Jnym8n3HNhQYDVRSD3tWLvIK3ArsJaOcep3vkqbHl_jY4Vhzp6GNaVdlpkzDb5NeOPZPDtLO5zdGI9NZkC9JzkbBSu_RNdgJ5EtRPGhHe9PhoyLDwe9K0vWDLMyN3w5z17vOFq1AOFnArKbbnvsT1s-IUFcj1TqgiK3HQVzkVw8Jh6sp3S4tbzznRCc4miHyD1S00KsAvcKZhTkiSZMOjxBWJxpoNEpQd9-__x3Eg25tcSi7G_hgh-Y873G86-_KNxyi6ypCDo6KBL8WxaoXr-XJAdvBmxP640PInFBH3r5ha_zHlUjCAhXVRFbMdapIWxNI6AdcuhCPh-GlxXyYS7DSYfc6_m9HkLXPTQ0pAnCvylFeU8KyDP1xiWovemxaY_KkkNwXKrEyS19FSy69_deuUXB8F2DULut3CsAvaV5C3I3eaUpis2Zf5MwEaQEVK-tHFVvNMOMmPiP1fQuP8UPNtFXlXPDqWq-GQ86Ac2eYkTj7TPTnwRyWzZ-BEEGfrWGzlthaEMJfZwi1THL_avLi5EF8fR2TI_PupoGngkIHIM4Pg7giv50LaCPff0fntGAF5X1vUHdSqTojbvzTzcWS-eMm2KCMhyeuqfE3vC5J55biQDz4W4mHgxxfPs8cAhCggMacQBRtaZk_Hr61MxYGaUdH92v1r6C57AOkCfGc0xq6mBCLhBhD8PlU8i6TYn4y1JkjzATv0qflWNvfoE4RAA3vmAGrtemdto45PBZGcM0OcZgVJ44cu8XJz1LIzA8yhjknWGuCHKVh4BGgY0gxp4H6dNtYOORjaBrp-YXbuFV58dQJ45FiScmXP8t3f6tTtKhjY6SGGbhN9cjikPQahM6Czznlx-N0KrW_4yqUPEpgDrNUER-V-UqFSykokqbQiV_mKu7gPCYfLtzhl8tsYHU5SOQr4p_Qjq92LTkTcLnw46Juu1XnX-c80h7u22yvf0SZuUIP048ns1NANpxOHnOX8_WorYTdzlCDCjcPB3hKceV6hi57_eeBfc0_VPjckdRJx4OyQeVAMR5Eg1bt3xNbEKf-v3O8bDZqcQ5r88AmLSkYktk1aZ6XqNwiIu3w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079811

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bemblogado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55848
x-xss-protection: 0
server: cafe
etag: 18108129054670550263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:28 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame CEEB 0
0

GET
H2

200

htlp
futalis.de/ Frame 4ABE
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=17253000139103704444978012523008&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3352668564

350 B
401 B

44ms
13ms

Document
text/html

167.233.14.134

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3352668564
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 16:25:29 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3352668564
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 175F 0
0

GET
H2 200 /
adv.office-partner.de/ Frame E50B 930 B
923 B 46ms
7ms Document
text/html 2a0b:4d07:101::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 29 Nov 2023 16:25:29 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 06 Dec 2023 16:25:29 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html
track.webgains.com/ Frame 30FE 2 KB
2 KB 155ms
86ms Script
text/html 3.11.123.127

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=17253000139103704444978012523008&nw=1
Requested by: Host: bemblogado.com.br
URL: http://bemblogado.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.123.127 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:29 GMT
last-modified: Wed, 29 Nov 2023 16:25:29 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 29 Nov 2023 16:26:29 GMT

GET
H2

200

activityi;dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52
5994599.fls.doubleclick.net/ Frame 3A94
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52?

390 B
0

57ms
56ms

Document
text/html

142.250.186.70

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52?

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:29 GMT
expires: Wed, 29 Nov 2023 16:25:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php
hal90008.redintelligence.net/ Frame 8057 7 KB
2 KB 21ms
8ms Document
text/html 138.201.63.150

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=17253000139103704444978012523008&a=41fcb047
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=8b21f149d0&subid=&uid=d25b8a8c70950ad9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOT4292VnZab-IsCq29gP3_-vsAym5b2gab2YnKfJD_AuEAEgzfjeI2CVgoCAoAfIAQmpAr4Xm8ULarI-qAMByAObBKoEpwJP0FrTnp6wzgPr4Cf6XYg8dqnmq4Ec1Nv_7O0zYSHI_NymUyvWD8P1JM1a6yd7gt6O_5lHUBwaItQZPMIMQb66jaofqCZH9hPvLMGjWxdT5sKCMgkiRnELfGwKntU9tJUuIQbtfm7YPgYXMJC9X1a23CqZDcsOpC90lVafHeNAYW_Vn-IMbbhlJeyb_7DnzdrlhvrOIfkCA2ibiEeyE6fXHrocXTxMVKwRbrH8wZZo7SXjOE7AxoB6A6WyWcRZoNd7_GK1huAjhmmi2V7isle60qIWd39VEbUqmWqVH5vGrCo0B20rd2DYJCVKeB3Of_2Cudo7roDDFUdgS4q7x66H1XNshl4OSaTZiyhBUGveZ6YxA1s754nmeFSUHiajZmcjtUvaZ-p8wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKmUi93P6YIDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJWOkv9qsMJsX13gmIkbH4wokFXminyazuQIkmAFwWwHKTp7yZwb28nmK6pq7rjPSsk72ZXn1dM6gEXV3sR6SWqEu7YzX4tol6hgB%26sig%3DAOD64_3_n3hum3wlKlcmQNKBpT3Pe_1snA%26client%3Dca-pub-8287694053987657%26dbm_c%3DAKAmf-DL9qXezqrJUEmYVAMmoHSWStIg6AnibVoz_r-Vgzm3g2dRLC-8ym4z3qCbwHE3oXVClM0-6InL2MUZ4wMevXMZv3pvh7b_-58Q2Jg81iW4Q_x_nlh1R-6iJV7QvDDIiW-IHCd40wyizN93aJyhaUGlhA1HxDtUHrsdPUsGarI6VCZzygI%26cry%3D1%26dbm_d%3DAKAmf-CIMj_Cumxg22Y1m4YTtnCZKeZd7Ok0YS9aGaWHeYv35WyF-HxYT4R7XdJ0YXfduZnx4ACsvJl-m7e3bIrM7PHNHm6zquVhQYCXZgm3Ss6qBdBZkH7ca4PMC-_QAv4bHYA7cR1CYicXKM5kxCGkCdEHDL-gq0Jwaj43cEsccRvWXnxTiJcKjC372PkoE_35gOvSDVBWzvVlKq2g1cocjMKUGIcUU6VJrHt25V6zXgC9Gsx8rnuc1nqY1ZKajRF57mOA517LLqJQHL4wiYYW7EtDn3IhSdEDUlKF1EDU6bJ4_iRYp7UCM3LgC43GoxJPaUbdrbFHdgvC8YfDYywsWSA2EtHwWZjB28dMwB3nKqzQd5OwPnUmd3gLO0NRT7nalC-Pe12ZxZYsKxHzVikB5qvQsvghsJEm0Mpb9yGP9NJgrMdejIUqoyFVYnRWNoCcSuGv5eUGLjCdOGqp90_-rpSr6z8-uwaxVeKs_PDuCLy9jns2-vKCsiVEHjEYX35GwTzddZ7h21RYWK19IpmiiVpPvrbW5Wr7a_UO7j7pz1krqIgQtKM%26adurl%3D&documentReferer=https%3A%2F%2Fbemblogado.com.br%2F&ancestorOrigins=https%3A%2F%2Fbemblogado.com.br&random=4243602909754&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2040
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Nov 2023 16:25:29 GMT
Expires: Wed, 29 Nov 2023 16:25:29 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 30FE
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent=

0
0

GET
H3 200 zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 3D20 9 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Wed, 13 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 885D 9 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Wed, 13 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 9DC2 9 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Wed, 13 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame C925 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemblogado.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Wed, 13 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 30FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8057 5 KB
682 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=17253000139103704444978012523008&a=41fcb047

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 14:26:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 16:25:29 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8057 69 KB
69 KB 25ms
9ms Image
image/png 138.201.84.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=17253000139103704444978012523008&a=41fcb047
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 16:25:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8057 95 KB
95 KB 26ms
10ms Image
image/png 138.201.84.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=17253000139103704444978012523008&a=41fcb047
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 16:25:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8057 81 KB
81 KB 26ms
9ms Image
image/png 138.201.84.244

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=17253000139103704444978012523008&a=41fcb047
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 16:25:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 ts.js
cdn.retailads.net/ Frame 4ABE 5 KB
5 KB 7ms
6ms Script
application/javascript 2a01:4f8:d0a:2321::2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3352668564
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:29 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 css2
fonts.googleapis.com/ Frame 3D20 4 KB
671 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 14:27:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 16:25:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A6D4 14 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 16:24:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 16:25:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A6D4 2 KB
822 B 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A6D4 23 KB
0 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 07:50:48 GMT

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame AF85 143 B
0 12ms
12ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A6D4 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A6D4 0
0

GET
H3 200 ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A6D4 146 KB
0 78ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 16:25:29 GMT

GET a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame A6D4 0
0

GET
H3 200 fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3D20 15 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 23:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:27:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D20 205 B
519 B 12ms
11ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:42:07 GMT
x-content-type-options: nosniff
age: 117802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 27 Nov 2024 07:42:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3D20 604 B
696 B 14ms
13ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:12:33 GMT
x-content-type-options: nosniff
age: 166376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 26 Nov 2024 18:12:33 GMT

GET interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3D20 0
0

GET
H3 200 Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 589E 4 KB
0 18ms
15ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 06:34:41 GMT
etag: 11900953634711111692
expires: Thu, 30 Nov 2023 06:34:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 885D 23 KB
9 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 07:50:48 GMT

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 1084 143 B
0 15ms
14ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 885D 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 885D 0
0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame ECD6 0
0 54ms
50ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGIzg7PgBMAE&v=APEucNWms0Iwb0mJ4XbM-cHpptII3nTFBrbgY7q7A9UYt4TySSYPZbVtJpIAGmhQsscmbhXr71qauYnaC3FlrWOwjA5JeODXRz2vJcCJ4U6zuPL998bhrJ_unhQYiD7M-BfalzpUuwC1g7x0a3tDeYQOe1GFAwthXlhSjGSi2YCdB7-5c9sWLso

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:25:29 GMT
expires: Wed, 29 Nov 2023 16:25:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F721 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 07:40:28 GMT

GET omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F721 0
0

GET Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F721 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F721 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F721 0
0

GET ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F721 0
0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F721 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdZmzW2-EGMgyEBoD3PhBapln1lu__xUNhM_9DndEpOIZPCluaXnguXwWLJ6WuJt_haRyyyQSLLpkhQcUA3lqEpu1CCn6yPUuS8BzPu3mqYSAkH40

Requested by

Host: bemblogado.com.br
URL: http://bemblogado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 16:25:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11791220263914748300
s0.2mdn.net/simgad/ Frame F721 60 KB
60 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11791220263914748300?sqp=uqWu0g0ICNgEEKABQGQ&rs=AOga4qlj4TeH3fmzz9PrZeNhoCVBmJ6Fuw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:28:40 GMT
x-content-type-options: nosniff
age: 277009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61572
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 14:40:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Nov 2024 11:28:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C925 6 KB
706 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 14:27:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 16:25:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C925 2 KB
0 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:51:29 GMT

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C925 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C925 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C925 0
0

GET ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C925 0
0

GET a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame C925 0
0

GET
H2 200 gtm.js
www.googletagmanager.com/ Frame E50B 174 KB
0 20ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:25:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63923
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 16:25:29 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/1144290754256996351/ Frame C925 37 KB
37 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1144290754256996351/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 10:30:32 GMT
x-content-type-options: nosniff
age: 366897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37651
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 14:21:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 10:30:32 GMT

GET
H3 200 3570889295123759882
tpc.googlesyndication.com/simgad/ Frame C925 8 KB
8 KB 9ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3570889295123759882?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 12:45:04 GMT
x-content-type-options: nosniff
age: 358825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8117
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 15:01:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 12:45:04 GMT

GET
H3 200 Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 589E 74 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 06:56:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 30 Nov 2023 06:56:34 GMT

GET Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 589E 0
0

GET Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 589E 0
0

GET dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52
adservice.google.com/ddm/fls/z/ Frame 3A94 0
0

GET viewability
hal90008.redintelligence.net/ Frame 8057 0
0

GET 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 8057 0
0

GET 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 8057 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/uploads/2023/05/WhatsApp-Image-2023-05-19-at-13.40.09-1-1.jpeg

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/lightbox.3489c2bc8f62c7ee72ed.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.14.0

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/nav-menu.3347cc64f9b3d71f7f0c.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/search-form.6eb419c467197ca411a7.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/form.72b77b99d67b130634d2.bundle.min.js

Domain: bemblogado.com.br
URL: https://bemblogado.com.br/site/wp-content/plugins/elementor-pro/assets/js/popup.483b906ddaa1af17ff14.bundle.min.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8287694053987657&output=html&h=280&adk=9936126&adf=1352110373&pi=t.aa~a.1668263445~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701275128&rafmt=1&to=qs&pwprc=7690491545&format=1200x280&url=https%3A%2F%2Fbemblogado.com.br%2Fsite%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701275128886&bpp=1&bdt=2646&idt=1&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd2c44846c08672de%3AT%3D1701275127%3ART%3D1701275127%3AS%3DALNI_MYRefwT82DCMtO3RPyJzdVw7J6eWQ&gpic=UID%3D00000ce1a20d2835%3AT%3D1701275127%3ART%3D1701275127%3AS%3DALNI_MYxW7EapWlbyTsf5dgY-NdAUiKIVQ&prev_fmts=0x0%2C728x90%2C300x250%2C300x600&nras=2&correlator=8052499195794&frm=20&pv=1&ga_vid=599664749.1701275127&ga_sid=1701275127&ga_hid=74170720&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C44809004%2C31078301%2C31079811%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&psts=AOrYGsnI36d3gMIB7x1rTz302mF3hUwPRK8KSWRe22TWC2NLdVhX3r3PUrEZ9n4USli1a9zf1eKRvstQLh94x8MIkvxCRg%2CAOrYGsmIaQiTlBuoPzVVhr38EcIgDPFt2WMU4oc2hFJezBWPrYIjQWVgFiREpWxcDFbbxQj1e32ZCXnoi9Rj3-2M9TQc6w&pvsid=1401770867060698&tmod=544276106&uas=0&nvt=1&ref=http%3A%2F%2Fbemblogado.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=1&fsb=1&dtd=40

Domain: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Domain: pv.medialead.de
URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=17253000139103704444978012523008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Domain: adservice.google.com
URL: https://adservice.google.com/ddm/fls/z/dc_pre=CPmc8d3P6YIDFT4HogMdfrkIAw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6016093547212.52

Domain: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/viewability?s=17253000139103704444978012523008&a=6d97eecf&vb=m

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bemblogado.com.br/	1970-01-21 02:10:35	Name: _ga Value: GA1.3.599664749.1701275127
.bemblogado.com.br/	1970-01-20 16:36:01	Name: _gid Value: GA1.3.400148422.1701275127
.bemblogado.com.br/	1970-01-20 16:34:35	Name: _gat Value: 1
.bemblogado.com.br/	1970-01-21 02:10:35	Name: _ga_YNST7LZLF9 Value: GS1.3.1701275127.1.0.1701275127.60.0.0
.doubleclick.net/	1970-01-21 01:56:11	Name: IDE Value: AHWqTUnFXIWggOXNEbGqqSYQbU_8Fl-ZPx91j2HyB2tvB51O7IqwSsyF8pM4pD85
.casalemedia.com/	1970-01-21 01:20:11	Name: CMID Value: ZWdl.Gx.jARep5UQAFn35wAA
.casalemedia.com/	1970-01-20 18:44:11	Name: CMPS Value: 2124
.casalemedia.com/	1970-01-20 18:44:11	Name: CMPRO Value: 2124
.adnxs.com/	1970-01-20 18:44:11	Name: uuid2 Value: 2087559734843011133
.adnxs.com/	1970-01-20 18:44:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il^v]2/b!]tbPl1M>e)ZlrFUfJ+tGXxpCb7#k/D[C0sRcrQXLDG:+?i.th_.zJPJ)$aB3If)y3KL9D3I?+`NNYUS
.bemblogado.com.br/	1970-01-21 01:56:11	Name: __gads Value: ID=d2c44846c08672de:T=1701275127:RT=1701275127:S=ALNI_MYRefwT82DCMtO3RPyJzdVw7J6eWQ
.bemblogado.com.br/	1970-01-21 01:56:11	Name: __gpi Value: UID=00000ce1a20d2835:T=1701275127:RT=1701275127:S=ALNI_MYxW7EapWlbyTsf5dgY-NdAUiKIVQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
bemblogado.com.br
cdn.retailads.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
pv.medialead.de
region1.analytics.google.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
adservice.google.com
bemblogado.com.br
fonts.gstatic.com
googleads.g.doubleclick.net
hal90008.redintelligence.net
pagead2.googlesyndication.com
pv.medialead.de
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
138.201.63.150
138.201.84.244
142.250.181.226
142.250.185.194
142.250.186.70
167.233.14.134
172.217.16.134
172.64.151.101
192.185.215.219
2001:4860:4802:32::36
2a00:1450:4001:802::2003
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9a
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
3.11.123.127
37.252.171.52
011426f6c5b5be4d1d609555cb477dc3f139a464526650c11e09dece069936ab
02a03842f4541b511de1f490dc410dd465a9d63407350ee8dae6e3c4f7726628
0b5d980405f1a539020b83c679df387b77ec1c8c609acb18694291fb8bcd8dea
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
1300ba0b8758d7bc790b67e4690c124bb46e4a8cdc3901605bb4721b1d0c42b0
1349c213766a5f6da0fb2866ac869b3d0a931cbdae3ddcedb800c2f3e55f2ba3
16cb5bdf4fab9cae6686619fbf8ef1b240302bd7ee037e91ae036b35d2405a5e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1e96df2c7db632f63273b806f60bca3fe72b5ff122a4c84307a3899ae25669d9
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3f4e82858259c22133c1555324b736bf03e6f827ac8add4791edc86542a2276c
3f693849edf3db91546d7f6211a09e7b26af212848f7d20a2d5dd218ccf24c66
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c3ca291235f8e06df80f338ead76fcdf7d1375ced7d20ab90d6d18adc788783
4edefaae0530f8e4876f4002cef896bf8eaec505584d8060b2a427122cc12493
51deddce2061e92e3f5354e9a1cfb6c44a34779ea37509e7fcd222a9af116ce2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
5544bb539302b2486fca60ac002f9b4e922453cfd8dacd5555d49247310e545c
55bf10a1645567d3b7ed40204525c8dc89a32c5851adecce569f5fd5ed97b88b
57b9ed46db9f0404ccd138ab81ac7cb24d5a084103cfdc53b776792f1d487465
5af2e1773fa2b2e87b1bad9a4ff98227046010e072803835495e20d970a325df
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
6373b977c2e74421978a4f4ec2ec6ea4259b5dcb5968b4b5cbe8df78c310e1a7
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6f458cc595c07157e118cfc1b0f09dd34aa02eb00fcab7688ca7eef7dababe27
76b097d6e0e8909b60f072b3ce1f49fe6e274494d45ae388d573019f29ebf573
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
78c26c256682611d4ed838df5e4043ff45e85ec5f4af5e6565b3e1d598a928fd
7a3a19faa84ab238ac542e09efa9a6e3575b46805b9a43343b3cb445e08b1ecc
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d6bd80dcc841bf4232f35f9a555ac9e8b6a5515569c7d1994cad95ff30956bc
820c6a4627f2731479fbc2133d5047d493f71058bf20a445fac83a6a660444bc
86cda207bb9abf4e76744b003e3348daaee8577af83ea80b2f06e98d67a2f0e8
8b282aff34d04a851b1396e4451d1ddb3d9b00a330f4c9907d4dbc8df632104e
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
900c7bdac483b7fe96516c706e902bc1ca0c012526b42aeaf2b22927d6372060
90270d4ae631e96dfa955487e1ebb6f068578a2be3d19a6d9ed1c5d262e75624
98ffa42ce3f18359719610b0ba6da67b159897622e9b8ce39cc028454ae446a4
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9acf5b95dd7032aab6f0f8c357a5f6a4aebdb09f868155aa706ab3ec419e9704
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
9f7284308b9dfe1e508c5fb06e209d72414d41c117a18592dabb2f39ff06cbe0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a2b77c43ee77452b2bf6a2f545f8fb74a8258555bdee0d639689dab4e4e71e
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a64b01d95264e4acae6862a8769b15613750d93c6435ade24925c8a069ea5b0b
ab14e945bc72af34e28b188ff288f89d5fff8049ef298cdaeb189af9eaf164e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba786e87bcd713a41f1979c5d861d9f2873d5c4682a036fc1f08c426f1cfbf57
bf9f2d5bcce79d7840892c9d7e662802236736b019105c61e2b8e05935852a83
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8b8673934dbbc424808b57c41e30231950834bdf9942259136d475f4571fdfa
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb39ecdd00d2c4a7176fba403633c5caefb9c372fafc5c062f18d2f859543434
cd6d67c5a1835b0cff501cb9de84f86a921dffdfa0bff967e23e7971ba10177c
cfeffa531f3ccab4296efcc4db5f7dfd9565b7ee92e53e02094c4bd786307cb4
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d8d739e5fc6466a6ed3dd3bba314c862822c0084d3841f8858d2da6d58ad8df7
d98bdd8d9c4da34ca6f4639dbccbfd3d45154788793091ef016384411c97759f
db55133a67a89d7afa8eec358261698e5f831c82cdb2107973b8fe404f5ddc7b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e173360f5af3286284d8543def13aa486b8fa8b99ca2ebcaeadc8c17593a9623
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7228a077f0c25993ee7599dd9788316135be1755cb02490dc6c880d03205676
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fc30c4e9f080778ac2f49816e7650fb6b13f26b1decef6dcfb55209b002274
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f95abd2d3390063ea73ec57a143a768b876a44aed3bf4af1c452d97be6750f8e
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff6a57fb71498826e9c37e64a6216349c3a637fc14a0ca1162ab548a453de078
ffa8a67eea854ec21c3b1094cbe396c169057959f254cb30ee0b9fc54d18e842

bemblogado.com.br Open in urlscan Pro 192.185.215.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

76 %HTTPS

58 %IPv6

20 Domains

28 Subdomains

27 IPs

3 Countries

14383 kBTransfer

18524 kBSize

12 Cookies

5 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bemblogado.com.br Open in urlscan Pro
192.185.215.219 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

76 %
HTTPS

58 %
IPv6

20
Domains

28
Subdomains

27
IPs

3
Countries

14383 kB
Transfer

18524 kB
Size

12
Cookies

204 HTTP transactions
4 data transactions